Say No to Hackers and Spyware

Resources to Help You Protect Yourself and Your Family from Scammers in Particular and Cybercriminals in General

2011-12-12T14:47:00.002-06:00

With the Holidays in full swing, what can you do to protect yourself and your family from cybercriminals? Educate yourself! After all, the scammers spend a great deal of their time learning ways and technology to effectively separate you from your money. Why shouldn't you learn how to protect yourself?

Here are some online resources that may be of help:

• If you have ever received emails asking for money for orphans or victims of hurricanes; informing you that you've won a foreign lottery, telling you that you've been contacted because you’re known to be of good integrity and could be trusted to bank $30 million in your savings account, for a generous fee of 10% of the sum, then you need to get Michael Berry’s anti-scammers book, "Greetings in Jesus Name! The Scambaiter Letters". Go to his Amazon site: www.Amazon.co.uk/GreetingsinJesusName

• Another scam-fighter has decided to fight back with what he calls “Scamorama”, those who are '419' scambaiters. (The '419' scam is a form of advance fee fraud.)

“Scambaiter”, as he calls them, are people who write back to '419' scammers just to yank their chains, waste their time, or as the British say, wind them up. Learn all about scams, scammers, and scambaiters at Yes, It Is a Scam. Go to: www.Scamorama.com/

• File a complaint with the Federal Trade Commission, the nation's consumer protection agency. It collects complaints about companies, business practices, and identity theft under the FTC Act and other laws we enforce or administer. Your complaints can helps the FTC detect patterns of wrong-doing, and lead to investigations and prosecutions.

The FTC enters all complaints it receives into Consumer Sentinel, a secure online database that is used by thousands of civil and criminal law enforcement authorities worldwide. It does not resolve individual consumer complaints. Go to: www.FTCComplaintAssistant.gov/

• To protect yourself from medical, health care product and service scams or simply to learn what's taking place, get free consumer information from the US Federal Trade Commission. Go to: www.FTC.gov/

• Educate yourself about current and ongoing Internet trends and schemes identified by the Internet Crime Complaint Center along with its description. Go to: www.IC3.gov/

Protect Yourself From Email Phishing

2011-10-27T15:43:00.001-05:00

A great way to stay safe and secure is to make sure you know who's asking for your personal info before sharing it with anyone. Safe and reputable companies and sites will never ask for anything like that by email or any other method. If you receive an email from your bank or business asking you to send them your updated email, it's a scam.

In fact, if you see any suspicious online behavior, do your part to report it. There are a number of anti-phishing and law enforcement groups that can help in such cases:

1. You can send an email to the FTC in the United States;

2. file a report with the Anti-Phishing Working Group on their website or by email;

3. submit a report to the Internet Crime Complaint Center, co-sponsored by the FBI and the National White Collar Crime Center.

2011-09-30T11:32:00.000-05:00

Has anyone approached you in a public area and offered FREE services, groceries, or other items in exchange for your Medicare number?

JUST WALK AWAY!

October is National Cyber Security Awareness Month. What Are You Planning to Do to Stay Safe?

2011-09-17T13:20:00.000-05:00

National Cyber Security Awareness Month (NCSAM), conducted every October since 2004, is an annual awareness-raising effort that seeks to encourage everyone to protect their networks and our nation’s critical cyber infrastructure.

Cyber security requires vigilance 365 days per year. However, the Department of Homeland Security (DHS), the National Cyber Security Alliance (NCSA), and the Multi-State Information Sharing and Analysis Center (MS-ISAC), are the champions and founders of National Cyber Security Awareness Month and work together during the month of October to increase general cybersecurity awareness.

What are you planning to do for National Cyber Security Awareness Month?

The success of National Cyber Security Awareness Month rests on all of us doing what we can do to engage those around us to be safe and secure online. There are opportunities for everyone to get involved, no matter what their role is.

To visit their website to learn what you can do for yourself, your children, their classroom, your business, just click on image below.

Are You Compliant?

2011-01-10T15:35:00.003-06:00

If you're in business, you'd be wise to make information security an important part of it. Not only is it smart to be responsible and to protect against cyber-crime and ID theft, but properly managing your security and your computer systems can make you more productive and save valuable time and money.

It's everyone's responsibility to do what they can to fight identity theft and consumer fraud. But with current laws and regulations requiring the protection of customer information, businesses, and organizations now bear the biggest liability and the greatest monetary damage from identity theft and fraud.

If you collect, use, transmit, or store information about your customers or members, you must comply with these laws and regulations. And while not every law or regulation is applicable to every business, every business must meet minimum standards of information security, or face steep fines, penalties and even civil action against them in the event customer or employee information is leaked, lost or stolen.

Here are some questions you need to be asking:

Does your business meet the security standards and requirements for virtually every federal, state, and industry law and regulation mandating the protection of customer and employee information?
Does it have the potential for big penalties and fines for negligence and non-compliance? If so, what can you do to prevent it?
Does it have comprehensive technical and administrative safeguards required to keep out hackers and identity thieves?
Does the bank accounts, private information, and trade secrets of your business have maximum protection?
Is your business increasing referrals and sales by increasing trust and loyalty with its customers?
Does your business protect the personal information of its employees from would-be thieves?
Does your business protect the information of its customers from identity theft and fraud?
Is the image and customer goodwill of your business protected from security breaches?

How much at risk are you right now? Find out now. Click to "Free Business Scorecard" in the right column under Are You Compliant?

Some Ploys Used by Hackers and Scammers Especially During the Holidays

2010-12-20T15:00:00.001-06:00

If you do your holiday shopping online, don’t let the coziness of your home fool you into thinking that everything is okay. Your life is still in danger. Hackers, crackers, spammers, and thieves all want the same thing – your money, your life – and more. They want your credit cards, bank accounts, social security numbers, club cards, names, addresses, medical records, and money. You name it, they want it.

So how do these villains get this information from your life? Lots of ways, but we will focus on three.

1. Malware. Viruses, spyware, Trojans, and all the other malicious tools out there come together to steal your information. Once a computer gets infected with these malware programs, they can steal any information you put into your computer. When you purchase that new blanket that looks like a backwards robe you have been dying for with your credit card, the attacker gets your card too. Most of the time, the user won’t even know they are infected. There are no symptoms. The last thing a virus that steals information wants is to be detected. The usual annoying pop-ups and other tell-tale signs of infection just aren’t there.

2. Fake/fraudulent Websites. Spam can go along in this category. Most times users visit these malicious sites due to spam. You get an email from your favorite department store advertising a deal that would be crazy to pass up. You click the link to go to the deal online and purchase the holy grail of all deals. Days pass, then weeks and you still haven’t gotten your order. Then you check your credit card to see if the order processed only to find that it has been maxed out by purchases you never made. You just got scammed. The same can happen to your bank accounts. Attackers set up very legitimate looking websites to trick you into thinking that you are on the real site. The layout, colors, and logos are all perfectly placed. Even the shopping cart looks real. But it is just a wolf in sheep’s clothing.

3. Non-patched Software. If you have heard of zero-day attacks, this is how they are so effective. They find holes in a program that has not been fixed yet and send all sorts of attacks out there to compromise as many machines as possible before the holes are patched. From the operating system, to software installed on the computer, they are all vulnerable if not properly updated. A lot has been in the news about Adobe and the exploits that have been found.

Launch Your Own "Nuclear Bomb" in Your Fight Against ID Theft

2010-11-18T13:30:00.008-06:00

Find out from Liz Pulliam Weston, a personal finance columnist at MSN Money, how you can use a little know and underutilized secret weapon to launch "a nuclear bomb" of identity theft protection.

In a short, but info-packed video Liz will reveal one way you can freeze out identity thieves. Additionally, she will walk you through the import steps you need to take now to make sure you are not already a victim.

Now, to get started, just click on the link below to be taken to the MSN Money web site. It will open in a new window.

MSN Money Video

Three Options for Backing Up Your Valuable Information

2010-10-20T12:07:00.003-05:00

If you care about any of the information that you have on your computer(s), BACK IT UP! It's necessary to always have a copy of your information just in case something happens to your computer, but did you know that there are three ways that you can easily backup your information at home?

Option 1: Back up online

When you back up your information, you're simply making a copy of what's on your computer and putting it somewhere else. There are online companies that will do this for you on a regular basis. After you install their program on your computer and make a few configuration updates, your data will be uploaded to a secure location via the internet. If the unthinkable happens, you can easily restore your data. Even if the unthinkable doesn’t happen, you always have access to you data online anytime you please.

Pro: It's easy to do, worry-free, and stores off-site. Additionally, you have access to your data via internet and you can do regular backups.
Con: There's usually a monthly subscription.

Option 2: Back up to an external hard drive using an automatic program.

You can go to just about any computer store and purchase an external hard drive that works just like a thumb drive except that it has more memory. Most external drives that you'll purchase come with an automatic program that will back up your information. Or, if you want a more feature-rich backup application, you can purchase one that fits your needs.

Pro: It's automatic and portable. You choose your backup times with no one else handling your data.
Con: Your hard drive must be plugged into your computer if you want to backup or restore. There is no off-site storage. In the event of a fire, you would lose both the computer and hard drive.

Option 3: Back up to an external hard drive manually

After you purchase a hard drive, you can simply just find the files on your computer that you want to keep safe and “drag and drop” them onto your external hard drive. Then you can store your hard drive wherever you want. You will need to remember to do this on a regular basis so that you have all the updated files you want to keep copies of.

Pro: This is usually the cheapest option, but you're in more control of the back up.
Con: Sadly, it's not automatic. Added to that, it's time-consuming to locate all files and ‘drag and drop’ and there's no off-site storage.

These are your options to backing up your valuable information. The point is that you must back up your data, or risk losing it, especially since there are so many cybercriminals who are aggressively devising new and creative ways to separate you from your information and your money.

Malvertising: Cybercriminals' Latest Form of ID Theft

2010-10-05T15:22:00.002-05:00

The term "malware," derived from "malicious software," refers to any software specifically designed to harm a computer or the software it's running. Because malware can potentially steal sensitive information like credit card numbers or passwords from your computer, send fake emails from your email account, and more, it is often referred to as "crimeware." And the hackers who create and/or send them are known as cybercriminals.

Malware can be installed on any desktop, laptop, or notebook computer, with or without your knowledge, in a number of ways — usually when you visit a contaminated website, download seemingly innocent software, or send sympathetic warnings and alerts.

Malvertising = Malware + Advertising

Now, some cybercriminals are using advertising to distribute their malware. Possible vectors of attack include malicious code hidden within an ad creative (such as a swf file), embedded on a webpage, or within software downloads. That's why I'm so extremely passionate about NOT sending Comments "to everyone on your list", a phrase often used by the hackers to help them spread their malware.

Ad networks vary in their responses to malvertising incidents. At Google, the Anti-Malware Team studies malware distribution and works closely with the security community to identify crimeware on the web and share that information more broadly. This stems directly from Google's security philosophy: "We believe that if we all work together to identify threats and stamp them out, we can make the web a safer place for everyone."

Google is doing its part to make our online experience a safer one. Let's do the same for ourselves, our families, and our businesses.

Have You Been a Victim of Identity Theft?

2010-09-14T11:00:00.004-05:00

Below is an excerpt of a helpful guide provided by Privacy Rights Clearinghouse to get your identity back.

The guide provides victims of identity theft with instructions on how to regain their financial health and who to contact for more help. You must act quickly and assertively to minimize the damage.

If you want to stay protected in the future, be sure to sign up for iDefend and let our identity specialists manage everything for you. To learn more about the 25 + resources mentioned in the guide, click here.

Identity Theft: What to Do if It Happens to You

You apply for a credit card and are turned down because of a low credit score, yet you know that you've always paid your accounts on time.

A debt collector calls to demand payment on a six-month overdue account for a credit card you have never had.

You receive a credit card in the mail that you've never applied for.

What's happening? You could be the victim of identity theft, where an imposter is using your personal information to obtain credit. Then when the thief does not pay the bills, the company itself or a debt collection company contacts you to demand payment. As a result, your credit report is likely to contain negative information about your bill-payment history, and your credit score has probably been lowered considerably, making it difficult or impossible to obtain new credit yourself.

Hackers Target USB and Other Removable Media . . . Again

2010-09-04T10:00:00.005-05:00

Written July 19, 2010 by Joel Harrison,
INVISUS Senior Technology Analyst

The world was recently attacked by malware that installed itself through the AutoPlay feature, and it is happening again. The previous attack placed a second AutoPlay option in the window that pops up when you insert a flash drive. Clicking on the wrong one would infect the computer. This new threat attacks shortcut icons. It targets USB sticks and other removable drives.

A security advisory issued by Microsoft warns users of targeted attacks against Windows Shell (that is the main interface that Windows uses to organize the desktop and file system). The attacks work on virtually all versions of Windows and could enable a hacker to take complete control of a victim’s machine.

The attack targets the way Windows parses shortcut icons on a user’s system. Microsoft said disabling AutoPlay makes it more difficult for the attack to work. The attack can be carried out remotely through network shares or remote WebDAV shares.

As usual, make sure that the INVISUS security software on your machine is updated and running scans regularly. Do not plug in USB flash drives that you find or were given to you by someone you are unfamiliar with.

Note: Whether your computer is at your home, church, or small business, you owe it to yourself, your family, congregation, customers, and employees to ensure that it is safe and secured from hackers and cybercriminal attacks.

Thus, I encourage you to test your PC right now by clicking on the test button in the upper, right column. After you've tested it, why not also take a moment to see if your small business is PCI compliant?

Beware of Job-Search Scammers Who Will Steal Your Information and Money, Part I of IV

2010-08-24T14:11:00.004-05:00

If you’re looking for a job, you may see ads for firms that promise results. Many of these firms may be legitimate and helpful, but others may misrepresent their services, promote out-dated or fictitious job offerings, or charge high fees in advance for services that may not lead to a job. The Federal Trade Commission (FTC) announced a new crackdown on con artists and scammers who are preying on unemployed Americans with job-placement and work-at-home scams, promoting empty promises that they can help people get jobs in the federal government, as movie extras, or as mystery shoppers; or make money working from their homes stuffing envelopes or assembling ornaments.

Visit the FTC’s Web site at www.FTC.gov
or write to the FTC at their
Consumer Response Center, Room 130,
600 Pennsylvania Avenue, N.W.,
Washington, D.C. 20580.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. Their Web site provides free information on a variety of consumer topics.

To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357).

The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,700 civil and criminal law enforcement agencies in the U.S. and abroad.

Criminals and Spies Swamp Cyberworld

2010-08-05T16:05:00.002-05:00

The following is an article written by Mr. Sebastian Smith that he published on Wednesday, August 4, 2010 online at 09:19 am ET. It presents a current state of affairs in the cybercriminal world that we are exposed to every time we go online.
_____________________

NEW YORK (AFP) – Finally the world has a hacker-proof communications device. The bad news? It's a brick in a glass case. The joke, told to a cyber conference Tuesday in New York, illustrates what top US experts describe as the dire state of online security.

"Threats today are basically not preventable," said Amit Yoran, a leading IT (Information Technology) security consultant and CEO (Chief Executive Officer) of NetWitness Corporation. "There's basically no way to defend any large-scale environment today."

The spoof brick really exists -- right in the lobby of the secretive US National Security Agency, Yoran said. And that's to remind America's top cyber spooks how limited their powers really are.

Yoran described a world where hackers operate mostly with impunity, since they are rarely caught -- or extradited when found -- and at great profit. Nor are they all lone teenage computer geniuses playing for kicks.

Organized gangs and government-sponsored spies are the real threat, making cyber crime a bigger sector even than drug trafficking, he said. "It's a very complex set-up."

The gloomy diagnosis from the FBI-sponsored conference at New York's Fordham University comes when the Internet and society are becoming more integrated by the minute.

Everything from countries' military maneuvers to ordinary citizens' grocery shopping is increasingly organized online. In fact the entire US economy, White House cyber security coordinator, Howard Schmidt, told the conference, essentially rests on safe Internet facilities.

Last year saw 10 trillion dollars in online business, a figure forecast to hit 24 trillion in another decade, he noted.

Yet, incredibly, the business world has yet to grasp the threat that online thieves and vandals pose. Almost half of small businesses don't use anti-virus software and even fewer use it properly, Schmidt warned.

"There has been enough exfiltration of personal property in this country in the past years to fill the Library of Congress over and over again. So we must do more." But chasing cyber criminals is a task that can exasperate the most powerful sleuth.

"Cyber criminals are not constrained by geographic borders," said Michael DuBose, head of the computer crime section at the Department of Justice. "A Romanian hacker sitting at his kitchen table can penetrate a US network within seconds and exit just as quickly."

The hackers' "world has become a lot smaller," he added, but "they prey on what is essentially a global victim pool."

Another hurdle, according to the FBI's cyber division deputy assistant director, Jeffrey Troy, is outdated legislation, combined with the usual complications of cross-border probes.

"We need to be operating like one global law enforcement agency," he said. Instead "a lot of countries don't have laws that fit the crime... We're using laws that were written when no one even had thought of the crime."

Experts at the conference also lamented what they said was the failure of private software companies to come up with adequate defenses.

In the end, they said, all that can be done is to mitigate the problem and make the hacking business -- ranging from theft of bank details and spam advertising to espionage and terrorist sabotage -- less easy.

Gary Gagnon, from the IT security firm MITRE, joked the biggest problem was people -- "users who just can't help clicking" on infected files. But he said no one should ever feel smug about security levels. "If (hackers) are determined to get in our network, they'll get in. The odds are stacked in their favor."
______________

The bottomline? Please stay vigilant whenever you go online, especially when you send Comments and warning alerts encouraging your friends to send to everyone on their list.

FTC Halts International Scheme of More Than $10 Million In Unauthorized Credit and Debit Cards Charges

2010-06-28T15:50:00.003-05:00

At the request of the Federal Trade Commission (FTC), a federal court has halted an elaborate international scheme that used identity theft to place more than $10 million in bogus charges on consumers’ credit and debit cards, pending a trial.

More than a million consumers were hit with one-time charges of $10 or less, and their payments were routed through dummy corporations in the United States to bank accounts in Eastern Europe and Central Asia.

The defendants, using phony company names resembling real companies, and information taken from identity theft victims in the United States, opened in excess of 100 merchant accounts with companies that process charges to the credit and debit card accounts of consumers, according to the FTC complaint.

The FTC believes the defendants may have run credit checks on the identity theft victims first, to be sure they were creditworthy. The defendants also cloaked each fake merchant with a virtual office address near a real merchant’s location, a phone number, a home phone number for the “owner,” a Web site pretending to sell products, a toll-free number consumers could call, and a real company’s tax number found on the Internet.

The FTC alleged that with spam e-mail, the defendants recruited at least 14 “money mules” – people in the United States they paid to form 16 dummy corporations, open associated bank accounts to receive the card payments, and transfer the money overseas. The defendants used debit cards linked to these bank accounts to set up telephone service, virtual addresses, and Web sites that helped deceive the card processors, according to the complaint.

The “money mules” responded to spam e-mail pretending to seek a U.S. finance manager for an international financial services company. The FTC has not determined how the defendants obtained the stolen identities or consumers’ credit and debit account numbers. Consumers’ payments were sent to bank accounts in Lithuania, Estonia, Latvia, Bulgaria, Cyprus, and Kyrgyzstan.

None of the consumers affected by the scam had contact with any of the defendants. Most consumers either didn’t notice the charges on their bills or didn’t seek chargebacks because of the small amounts – charges ranged from 20 cents to $10. Consumers who called the toll-free numbers that appeared on their bills either found them disconnected or heard recorded messages instructing them to leave a message, but no calls were returned.

The defendants are the 16 sham companies – API Trade LLC, ARA Auto Parts Trading LLC, Bend Transfer Services LLC, B-Texas European LLC, CBTC LLC, CMG Global LLC, Confident Incorporation, HDPL Trade LLC, Hometown Homebuyers LLC, IAS Group LLC, IHC Trade LLC, MZ Services LLC, New World Enterprizes LLC, Parts Imports LLC, SMI Imports LLC, SVT Services LLC – and one or more persons who are unknown to the agency at this time. The FTC charged them with making unauthorized charges to consumers’ credit cards in violation of Section 5 of the FTC Act. The court froze the defendants’ assets and ordered them to stop operating, pending final resolution of the case.

The Commission vote to file the complaint was 4-0. The preliminary injunction order was entered by Judge Ronald A. Guzman in the U.S. District Court for the Northern District of Illinois, Eastern Division.

NOTE: The Commission authorizes the filing of a complaint when it has “reason to believe” that the law has been or is being violated, and it appears to the Commission that a proceeding is in the public interest. The complaint is not a finding or ruling that the defendants have actually violated the law.

The Federal Trade Commission works for consumers to prevent fraudulent, deceptive, and unfair business practices and to provide information to help spot, stop, and avoid them. To file a complaint in English or Spanish, visit the FTC’s online Complaint Assistant or call 1-877-FTC-HELP (1-877-382-4357). The FTC enters complaints into Consumer Sentinel, a secure, online database available to more than 1,800 civil and criminal law enforcement agencies in the U.S. and abroad.

The FTC’s Web site (www.FTC.gov) provides free information on a variety of consumer topics.

The Digital Photocopier You Use May Be Loaded with Secrets

2010-06-16T11:52:00.001-05:00

Your Social Network Profile Might Attract Pedophiles and Predators

2010-06-14T16:08:00.003-05:00

Future Computer Technology from Microsoft

2010-05-06T13:28:00.002-05:00

The Days of High PC Maintenance and Repair Costs Are Gone!

2010-05-04T11:00:00.000-05:00

At INVISUS, we provide you with significant cost savings for professional computer support services every time you need assistance. Brand name security products and computer services companies charge high per-minute or per-incident service fees anytime you need live personalized help. With the average computer requiring fixes and repairs an average of twice a year, and with security problems at an all-time high, this can hit the pocketbook hard for anyone who owns a computer today.

In fact, American consumers now spend over $4 billion every year on computer repairs including virus and spyware removals and system cleanups. This doesn't include the cost for downtime, the cost of travel to and from the repair shop, or the cost of having to purchase a new computer altogether. Increasingly, maintaining and repairing computers is costing as much as the computer itself.

It's not a question of "if" you will need professional help, it's a matter of "when".

Our service subscribers enjoy the benefit of actually saving money with our service because they don't pay the stiff price the rest of the industry charges for live help. Every security checkup, system cleanup, virus removal, spyware removal, etc. that we do for our subscribers amounts to real bottom line savings to members of the INVISUS community.

There are no per-minute costs nor per incident charges. Ever!!! Our subscribers receive unlimited service at no extra cost.

As a subscriber, you won't have to pull apart your computer, haul it down to a repair shop, and wait for days to get it cleaned up. As an added huge bonus, you'll have an English speaking, US-based technician personally helping you every time you need assistance.

We are here to help make your computer hassle-free and safe again. And we are here to save you money in the process.

So, why not take the first step by taking our free test! Just click on the red test button at the top of the right column.

What Everybody Ought to Know: Why Your Computers Need to Be Fully Protected

2010-04-30T15:00:00.003-05:00

Here is what you will need to be fully protected on your home or business computer:

at least five layers of overlapping security technologies and services to create a virtual fortress for your PC. Most off-the-shelf and free software offer two, or three at the most, programs. But are they overlapping when they work and when they update?
desktop firewall to lock out hackers and other unauthorized intrusions and shield your PC from unauthorized communication both to and from your PC, making your PC virtually invisible to hackers and other intruders randomly scanning the Internet for vulnerable PCs;
world-class anti-virus protection, including 24/7 scanning and certification that your incoming and outgoing e-mails attachments are virus-free — plus scanning of all removable media such as CDs, Zip disks, portable hard drives, and floppies;
anti-spyware that continuously monitors, detects, and eliminates all forms of spyware, hacker tools, and malware from your PC including malicious spyware tools, adware, browser hijackers, search hijackers, keyloggers, ghost spammers, remote access tools (RATs), back doors, and many other illegal programs and applications that breach your privacy and security;
patch management that will automatically find and fix security holes and other dangerous vulnerabilities in your computer’s operating system and software programs that hackers use to break into your computer;
security alerts that warns you of brand new viruses, worms, and other security threats as they emerge – including specific recommendations of what to watch out for and how to avoid getting attacked to keep your privacy secured and your PC safe; and to wrap it all together,
premium technical support that offers free unlimited expert technical support for any security related problems or issues by highly trained technicians.

Although the Internet basically provides a positive and productive experience, cyber-attacks against our personal privacy and security are reaching epidemic proportions. These attacks are occurring in our own homes and businesses. Our own computers are being used are being used as zombies to attack other people, businesses, and even our nation itself. As an average Internet user, you may not be aware of these threats nor have any idea about the dramatically increasing risks you face when connected to the Internet.

On a campaign for internet safety awareness and protection, my mission is to bring critical awareness to individuals, families, and small business owners, and to provide access to the necessary tools and ongoing expertise to secure your computer and help you stay protected.

I invite you to join the many thousands of others who have tested their computers, discovered these threats are real, and taken the necessary steps to protect their computers, their families, and their businesses.

Now that you have become aware of these issues, I encourage you to share this vital information with your families, friends and communities. Together, we can reach many millions of people and inform them about the threats to their privacy and security, and help them get the protection they desperately need.

Remember: When you say “No!” to hackers and spyware, everyone wins! When you don’t, we all lose.

Test your computer now!

Part 3 of 3

What Everybody Ought to Know: Why You Need a Comprehensive Security Service Package

2010-04-27T16:00:00.000-05:00

The Internet-based attacks on your personal privacy and security continue to worsen year after year. The future of Internet security is gloomy and it takes an extremely dedicated and savvy computer user to find the right mix of security programs and stay current with the newest threats. Internet security is not a one-time event. You cannot simply install security software on your PC and then forget about its safety and security, and ultimately, the safety and security of your family, home, and business. Internet safety and security require an ongoing, time-intensive process with a fairly high level of expertise and vigilance.

Why you need a team of security experts on your side:

Do you want to be an Internet security expert? If you are like most people, you neither want to nor have the time. You don’t want to worry about staying current with the latest technologies. You can’t possibly keep up with the all the new threats coming at you almost daily because you have better things to do with your time. Instead, most people end up relying on the opinions and recommendations of more knowledgeable friends and family members for their security needs and hope nothing bad happens. But is that the best and safest strategy?

To get maximum protection for your PC, you need an Internet security expert on your side. Better yet, you need a team of experts making sure that you, your family, and your business are always safe and secure. You need to find your own personal team of experts to rely on. If you ever have a security problem, you want a trusted expert you can call for professional answers and solutions without any hassles and extra costs! As time goes on, it will become even more critical than it is today.

The best protection you can have in today’s rapidly changing world of cyber-attacks is to have expert support for all your Internet security needs. Hackers will likely always be one step ahead of law enforcement and the security industry itself. Software-based protection alone, as you can see, is not enough anymore.

Of all the Internet users who have anti-virus software on their computers, 85% of them had computers that were subsequently infected with a virus or worm! Have you ever had a virus you couldn’t get rid of? Has your computer acted funny or has it slowed way down due to a massive spyware infestation? Then you see and know how dangerous and damaging these threats and risks are!

Unfortunately, for consumers seeking security and privacy protection with brand name solutions will find two extremes – complex systems they cannot afford or properly maintain, or consumer-grade technology that doesn’t provide adequate protection. If they do find something that fits their budget, it will likely have only a part of what is needed to truly protect a computer, and it won’t include free expert support and a security guarantee.

Caution: Don’t be lulled into a false sense of security thinking that the anti-virus software that came with your computer is enough protection. Off-the-shelf anti-virus software does not always protect you from attacks such as: hackers, spyware, remote access tools, Trojan horses, password crackers, keystroke loggers, identity theft tools, Microsoft security holes, hybrid viruses, and others much worst. And most people let their anti-virus program expire, thereby losing protection from everyday viruses and worms.

Remember: When you say “No!” to hackers and spyware, everyone wins! When you don’t, we all lose.

Test your computer now!

End Part 2 of 3

What Everybody Ought to Know: It’s No Longer Enough to Install Off-the-shelf Security Software

2010-04-21T19:21:00.010-05:00

Think about this: You had problems with your computer in the past. Now you want to insure that those little annoying nuisance, pests, threats, and risks from hackers and spyware don’t hide in your computer any more. So, you load up your computer with all the free and off-the-shelf security software you can find. Now, as your confidence rises, you think that your computer is as impenetrable as the gold at Fort Knox.

Wrong!!!! You have been fooled into thinking that your computer is fully protected.

Now think about this: With all the options available to you, how do you know which one offers the best protection for you, your family, or your business? Here are some questions you need to consider:

Are you a trained computer and Internet security expert?
Do you know exactly which security software is compatible with your system?
Do you have the time to continually research all the latest security technologies?
Do you know exactly which software you should install and which ones should not?

Once installed, how do you keep the different software programs updated? In fact, how often are they updated: daily? weekly? biweekly? monthly? Are the updates free. And if so, for how long?
If you encountered a problem that your installed security software could not fix, or you simply had a question, would you have access to free, live technical support?
If not, what would it cost you? Would it be a one-time fee? Would it come with a warranty period? And what would it cost you when the warranty expires?

By now, I’m hoping that you’re beginning to see why it is not enough any longer to install off-the-shelf security software. There is a better option! You need a revolutionary full security service package that gives you peace of mind because its software programs work together, its technical support is always live and free, and at no additional cost.

Remember: When you say “No!” to hackers and spyware, everyone wins! When you don’t, we all lose.

Test your computer now!

Taking Your Computer to the Store is So Yesterday

2010-04-03T14:19:00.006-05:00

By Joel Harrison
INVISUS Senior Technology Analyst

There’s nothing worse than having to get down behind your desk, memorize where all the wires go, and hope you can get them all back where they belong.

Except maybe paying too much for the repair once you get it to the store.

It’s time you stopped lugging your computer around town trying to find someone to fix it and take advantage of the latest software and services that lets the technician come to you – remotely.

With the advances in technology and the tools that are available, taking your computer to the shop is becoming a thing of the past. A technician can repair the majority of your computer problems without you leaving your house or them entering.

Remote help is taking over the support industry. And with the right support team caring for your computers, you don’t need to worry about a thing. They can do everything for you.

Sure, having to take your computer to the tech shop may still be warranted in some rare occasions, but you should always call for remote support first to see if they can get you up and running.

With just a phone call and a couple of clicks of the mouse, a technician can be connected to your computer to diagnose and repair errors and even clean off all the viruses and spyware.

Just sit back, relax, go get some dinner, and let the [INVISUS] technicians do everything for you. Ah, the beauty of remote support.

Fight Scammers with Scammer Alert Images

2010-03-20T14:45:00.008-05:00

Like me, individuals, businesses, and organizations across the Internet are sick and tired of being victims of scammers and hackers and are fighting back.

I've added graphics from their sites with the intention of encouraging you to fight back, too. I further encourage you to post similar graphics on your websites or social networking profiles.

Beneath each graphic I've placed a link to the source. Be sure to view what they have to say.

Courtesy of KTVO News.

Courtesy of ESL Teachers Board

Courtesy of Subtle Particle.

Courtesy of The Scam Team, which was formed by a group of international trade and Internet communications experts. They are based in a little Spanish city called Palencia.

Courtesy of Champ Bulldogs.

Courtesy of PRNewsChannel.com.

Courtesy of the FBI and Central National Bank.

Courtesy of Nevada Fight Fraud.

Courtesy of PigBusters.net.

Karen Lodrick, Leading Nationwide Consumer Advocate for ID Theft Protection

2010-02-13T12:15:00.004-06:00

Watch Karen's story on Good Morning America about how her identity was stolen, and how she caught (literally) the thief on the streets of San Francisco.

Improved Changes for You, Your Family, and Your Business!

2010-02-11T11:59:00.017-06:00

Personal Computer Services for Home and Family:

Our personal computer services simplify your life and protect you against Internet predators and cyber-crime. Our expertise is in eliminating headaches and hassles with your computer, and saving you time and money. With our popular monthly service plans, you've got unlimited access to all the expert help you need - for one low monthly fee.

Try our monthly service plans with a 30 Day RISK-FREE TRIAL!

You've got two great plans to choose from:

* iSafe Service Plan

Professional grade protection against Internet predators, viruses, spyware, and other digital security threats that put you at risk and cause ongoing problems and big repair bills.

* iCare Service Plan

Total care for your computer to keep it safe, reliable and running like new. Professional grade protection, plus full system tune-up, optimization, maintenance, troubleshooting and repair for virtually any computer problem.

Professional Computer Services for Small Businesses:

You need multiple layers of protection to truly secure your business computers. Anti-virus is not enough. Our home office, INVISUS, offers a comprehensive suite of products to lock your systems down to keep your information's integrity intact.

Try our services RISK-FREE with our 30-day money-back guarantee!

You've got three great plans to choose from:

* iSafe Pro Service Plan

A comprehensive, maximum protection, professional computer security service plan for your business. Gives you maximum protection against cyber-crime and fraud for the digital age.

Affordable protection your business requires, and the security you and your customers deserve.

* iCarePro

Total care for your business computers to keep them safe, reliable, and running like new. You get Maximum Protection and Total Care of your computers.

Take your iSafePro protection to the next level and never worry again about computer problems or downtime! Get unlimited expert help from our certified INVISUS technicians who will troubleshoot and resolve virtually ALL your computer problems over the phone or through a secure remote connection.

* InfoSafe Service Plan

Information Security Compliance! An industry first! Makes it easy for you to get and keep your business compliant with federal, state, and industry data security laws and regulations.

Promotes privacy, safety, and trust with your customers.

* Become compliant with laws and industry standards.
* Prevent penalties, fines, and security breaches.
* Increase customer confidence and sales.
* Save valuable time and money.

Backed by InfoSafe Services and Certification, you can be confident that you are compliant with industry standards and best practices for information privacy and security.

Click on banner for more information.

Looking at Fraud from the Inside Out

2010-02-05T13:20:00.004-06:00

In this video a convicted business opportunity scam artist takes you behind the scenes so you can learn the tricks he used to cheat people out of their money.

He also instructs you about what questions you must ask in order to help you determine if a business opportunity is a scam or the real deal.

Video is courtesy of the US Federal government.

Some Safe Practices for Computer Security, According to the Federal Government

2010-02-01T10:00:00.000-06:00

Access to information and entertainment, credit and financial services, products from every corner of the world — even to your work — is greater than ever. Thanks to the Internet, you can play a friendly game with an opponent across the ocean; review and rate videos, songs, or clothes; get expert advice in an instant; or collaborate with far-flung co-workers in a "virtual" office.

But the Internet — and the anonymity it affords — also can give online scammers, hackers, and identity thieves access to your computer, personal information, finances, and more.

With awareness as your safety net, you can minimize the chance of an Internet mishap. Being on guard online helps you protect your information, your computer, and your money. To be safer and more secure online, make these practices part of your online routine.

Visit FTC.gov/idtheft to learn what to do if your identity is stolen or your personal or financial information has been compromised – online or in the "real" world.

How do criminals get your personal information online? One way is by lying about who they are, to convince you to share your account numbers, passwords, and other information so they can get your money or buy things in your name. The scam is called "phishing": criminals send email, text, or pop-up messages that appear to come from your bank, a government agency, an online seller or another organization with which you do business. The message asks you to click to a website or call a phone number to update your account information or claim a prize or benefit. It might suggest something bad will happen if you don't respond quickly with your personal information. In reality, legitimate businesses should never use email, pop-ups, or text messages to ask for your personal information.To avoid phishing scams:

Don't reply to an email, text, or pop-up message that asks for personal or financial information, and don't click on links in the message. If you want to go to a bank or business's website, type the web address into your browser yourself.

Don't respond if you get a message – by email, text, pop-up or phone – that asks you to call a phone number to update your account or give your personal information to access a refund. If you need to reach an organization with which you do business, call the number on your financial statement, or use a telephone directory.

Some identity thieves have stolen personal information from many people at once, by hacking into large databases managed by businesses or government agencies. While you can't enjoy the benefits of the Internet without sharing some personal information, you can take steps to share only with organizations you know and trust. Don't give out your personal information unless you first find out how it's going to be used and how it will be protected.

If you are shopping online, don't provide your personal or financial information through a company's website until you have checked for indicators that the site is secure, like a lock icon on the browser's status bar or a website URL that begins "https:" (the "s" stands for "secure"). Unfortunately, no indicator is foolproof; some scammers have forged security icons. And some hackers have managed to breach sites that took appropriate security precautions.

Learn what to do in an e-mergency.

If you suspect malware is lurking on your computer, stop shopping, banking, and other online activities that involve user names, passwords, or other sensitive information. Malware could be sending your personal information to identity thieves.

Confirm that your security software is up-to-date, then use it to scan your computer. Delete everything the program identifies as a problem. You may have to restart your computer for the changes to take effect.

If the problem persists after you exhaust your ability to diagnose and treat it, you might want to call for professional help. If your computer is covered by a warranty that offers free tech support, contact the manufacturer. Before you call, write down the model and serial number of your computer, the name of any software you've installed, and a short description of the problem. Your notes will help you give an accurate description to the technician.

If you need professional help, if your machine isn't covered by a warranty, or if your security software isn't doing the job properly, you may need to pay for technical support. Many companies — including some affiliated with retail stores — offer tech support via the phone, online, at their store, or in your home. Telephone or online help generally are the least expensive ways to access support services — especially if there's a toll-free helpline — but you may have to do some of the work yourself. Taking your computer to a store usually is less expensive than hiring a technician or repair person to come into your home.

Once your computer is back up and running, think about how malware could have been downloaded to your machine, and what you could do to avoid it in the future.

Also, talk about safe computing with anyone else who uses the computer. Tell them that some online activity can put a computer at risk, and share practices for safer computing.

Where to report hacking or a computer virus:

Alert the appropriate authorities by contacting:

Your ISP and the hacker's ISP (if you can tell what it is). You can usually find an ISP's email address on its website. Include information on the incident from your firewall's log file. By alerting the ISP to the problem on its system, you can help it prevent similar problems in the future.

The FBI at www.IC3.gov. To fight computer criminals, the FBI needs to hear from you.

Get more in-depth information from
www.OnGuardOnline.gov.

The Biggest Misconceptions about Identity Theft

2010-01-13T14:51:00.015-06:00

Don't be fooled by the misleading ads and false promises for preventing Identity Theft!

Here's what you really need to know.

There is a great deal of misinformation floating around the internet, and on TV, radio, etc. these days about protecting yourself from identity theft.

Here's a reality check:

Can you actually prevent identity theft?

The answer is "No"! But there are some things you can do to keep thieves from stealing your personal information from your home, your garbage, your computer, etc. (For example, be sure you shred all your bills and other papers with personal information.)

The reality is that identity thieves can find your personal information in many places (as shown above) that are out of your control. So while you can't actually prevent your identity from getting stolen, you can protect yourself against the devastating consequences of identity theft. This is why you need true identity theft protection with iDefend.

Credit fraud is only ONE TYPE of identity theft.

In fact, 67% of identity theft cases involve criminal fraud in other areas besides loans, credit cards, etc. While having loans or credit taken out in your name is a serious problem, most identity theft cases (true identity theft) are discovered in areas like:

Social Security benefits fraud;
Medical benefits fraud;
Checking accounts;
Criminal records;
Bankruptcy;
401k theft;
Tax fraud;
and more . . .

For more information, click here.

Happy New Year Fireworks Around the World!

2009-12-29T15:27:00.007-06:00

Click here to get your own copy from pimp.myYearbook.com!!

Christmas Wishes to You and Yours!

2009-11-24T15:57:00.002-06:00

May You and Your Family Have
the Merriest of Christmases!

Good News about Stranger Danger

2009-10-29T11:48:00.003-05:00

Doing Our Part For National Cyber Security Month.

2009-09-09T09:00:00.002-05:00

October is National Cyber Security Awareness Month.

"Protect Yourself Before You Connect Yourself".

National Cyber Security Alliance Launches Cyber Security Awareness Volunteer Education (C-SAVE) Program Focuses on bringing Cybersecurity Experts Into Nation’s K‐12 Schools To Educate Students and Teachers about Internet Safety and Security

SAN FRANCISCO, April 22, 2009 – With studies finding that less than 25%** of educators feel comfortable teaching students how to keep themselves safe from online cyber predators, bullies, and online fraud, the National Cyber Security Alliance (NCSA) has focused much of its efforts on providing K‐12 schools with the resources they need to better equip today’s digital generation.

Today at the RSA Conference, the NCSA announced the launch of a nationwide initiative – the Cyber Security Awareness Volunteer Education Program (C‐SAVE) – that is focused on fostering opportunities for cybersecurity experts and IT security professionals to donate their time and tap their expertise to help educate elementary, middle and high school students about Internet security and safety.

“There is an Internet safety and security knowledge gap,” said Michael Kaiser, executive director of the NCSA. “As we evolve into web based culture, our schools have not kept pace in teaching our youth to develop the skills they need to stay safe and secure online. Only 18%** of K‐12 curriculum discusses identity theft and only 22%** of teachers are comfortable teaching about cyberbullying. In these difficult financial times, C‐SAVE provides schools with a cost‐free opportunity to enrich the education experience and help improve the everyday lives of both their students and their teachers. It also provides information security professionals a wonderful opportunity to give back to their community.”

NCSA is seeking motivated individuals and corporations to approach local schools to deliver the C‐SAVE program. A comprehensive set of learning materials designed by a U.S. Department of Education veteran is available at www.StaySafeOnline.org/CSAVE.

Suggested lesson plans designed to meet the developmental level of young people at all grade levels provide clear, easy to understand instructions and tips for working in a classroom setting. In addition, resources are available that allow teachers and administrators to continue the conversation with their students and their students’ parents.

“We are living in a time when many of our children know much more about how to use the technology than their teachers and parents,” said Bill Sanderson, principal of the International Studies Academy high school in San Francisco. “Most of our students spend more time on the computer each day then they do watching television. School and parents have a responsibility to ensure that students can use computers safely, C‐SAVE will help better educate our children by leveraging the expertise of those who bring significant life experience making computers more secure. In turn, this program will also allow our teachers to better understand the online challenges our students face and better prepare them to harness the power of the Internet safely and securely.”

C‐SAVE also provides the opportunity to introduce students to the possibility of cybersecurity as a profession and become part of the next generation of cyber defenders. As part of the lesson plans, cybersecurity professionals are encouraged to talk about their job and the path they took to get to where they are.

EMC Corporation is the world’s leading developer and provider of information infrastructure technology and solutions that enable organizations of all sizes to transform the way they compete and create value from their information. Striving to be active and socially responsible in its local and global communities, EMC encouraged its cybersecurity experts to participate in C‐SAVE. More than 25 EMC security practitioners have already agreed to volunteer at schools from Massachusetts to California and help train more than 1000 families on staying safe online.

“There is no doubt that both our nation’s students and teachers need assistance when it comes to Internet safety and security,” said Roland Cloutier, Vice President and Chief Security Officer of EMC Corporation. “Companies such as EMC and others have a vast amount of resources that can not only help to keep our children safer online, but also foster a better understanding of the responsibilities one must embrace when using the Internet.”

C‐SAVE was launched in collaboration with the NCSA’s K‐12 education working group and its corporate sponsors.

** Data from 2008 K‐12 National Cyberethics, Cybersafety, Cybersecurity Baseline Study. Full results can be found at www.StaySafeOnline.MediaRoom.com/

About NCSA

The National Cyber Security Alliance is a nonprofit organization. Through collaboration with the government, corporate, non‐profit and academic sectors, the mission of the NCSA is to empower a digital citizenry to use the Internet securely and safely protecting themselves and the cyber infrastructure. NCSA works to create a culture of cyber security and safety through education and awareness activities. Visit www.StaySafeOnline.org/ for more information.

Contacts:

Aimee Larsen-Kirkpatrick
National Cyber Security Alliance
Phone: 202-756-3616
email: aimee@staysafeonline.org

Joshua Zecher
463 Communications
202-463-0013, ext. 206
email: mailto:/josh.zecher@463.com

About National Cyber Security Awareness Month

National Cyber Security Awareness month now in its sixth year is a coordinated effort of the National Cyber Security Alliance, The Department of Homeland Security (DHS), and The Multi-State Information Sharing and Analysis Center (MSISAC).

Source: National Cyber Security Alliance

Ringling Brothers and Barnum and Bailey Went "Over the Top"

2009-09-07T11:14:00.003-05:00

Ringling Brothers and Barnum and Bailey went "over the top" with their all-out show and circus performances.

The music! The colors! The unbelievable precision! The animal performances! The comedy! The clowns! All these elements in a 2-hour performance came together in an unseamed cavalcade of acts that were nothing short of "Over the Top" entertainment.

Not only did Ringling Brothers and Barnum and Bailey go "over the top", but they definitely lived up to their name as "The Greatest Show on Earth". Simply outstanding!!!! Or better yet, Way Over the Top!!!!

I greatly admired, and was in awe about, the precision and talents of the aerial performers and those riding circles in the ring.

Visit Ringling Brothers and Barnum and Bailey at

www.Ringling.com/

Staying Safe Online: The Need for Cybersecurity

2009-08-10T22:01:00.006-05:00

On the day that President Obama releases a cybersecurity policy review, hear from experts and officials in the field. This video features:

Janet Napolitano, Secretary of Homeland Security;
William Pelgrin, Chief Cybersecurity Officer of New York;
John Thompson, CEO of Symantec;
Leslie Harris of the Center for Democracy and Technology; and
Jeannette Wing of the National Science Foundation. (public domain)

Protecting Your Family

2009-06-16T14:26:00.006-05:00

Plan to Attend One of Our Free Seminars

2009-05-03T17:52:00.003-05:00

If you work or reside in the Quad Cities of Iowa and Illinois, you might want to join us in our free public seminar held at Musser Public Library from 7:00 p.m. to 8:30 p.m. on any of the following Tuesday evenings:

May 12th or 26th;

June 9th or 23rd;

July 7th or 21st; or

August 4th or 18th.

Musser Public Library is located in downtown Muscatine, Iowa at 304 Iowa Avenue.

RSVP at least 2 days before attending any seminar!

Symantec’s VP Talks About the Impact of Conficker Worm

2009-04-02T10:00:00.002-05:00

CBS correspondent Lesley Stahl met with Steve Trilling, Symantec’s VP of Security Technology and Response, to talk about the impact of Conficker worm. Watch the video here.

Click on video to learn more
about the dangers of the Conficker worm.

My Brochure

2008-09-06T09:25:00.002-05:00

Click here to get your own - Or to open our brochure

Simply Your Life; Secure Your Future

2008-07-23T05:58:00.005-05:00

Because you deserve more from life, we've taken our premium services and bundled them into a single elite offering that will truly Simplify Your Life.

Our exclusive iSimplify Service gives you more of what you need most - your time. We do that by eliminating the time consuming and frustrating hassles with your computer. We'll take complete care of your computer, so you can spend your valuable time on more important things.

The iSimplify Service also gives you real peace of mind knowing that you are well protected against the disastrous effects of identity theft. We provide you and your family with true identity protection so you can leave those worries behind.

Click here to experience the freedom of a simplified life.

Parry Aftab: 5 Things Parents Need to Know about Facebook and MySpace

2008-07-16T09:00:00.008-05:00

The following was aired on Good Morning America today, July 16, 2008, and was posted on the website at ABC News.

For the majority of teens and tweens, networking online isn't just a game, it's a necessity. But parents worry their children don't fully grasp the ramifications of posting personal information online.

There are ways to protect your child. Cybersecurity expert Parry Aftab, who is also the executive director of WiredSafety.org, tells you the five things your child needs to know to keep safe on sites like MySpace and Facebook.

Find Your Teen's Profile

The first thing parents should do is find their child's profile, according to Aftab. Many kids have more than one online profile, so you have to find out how many your child has and where they are. You are entitled to know and the best way to find out is by asking your kids, she said.

You don't want a confrontation. You just want to make sure your kids are safe. Giving them a day to clean up their profile will allow them to cleanse it if they have information or pictures posted that tell too much about themselves, she said.

To see the full story in video and text at ABC News, just click the link below.

5 Tips for Keeping Your Kids Safe Online

To visit WiredSafety.org, click on the banner.

Three Sets of Tips and Tactics to Keep You Safe

2008-07-12T15:16:00.005-05:00

1. Massive Internet security flaw uncovered, July 9, 2008

By Joseph Menn | Los Angeles Times Staff Writer

Security researchers on Tuesday said they had discovered an enormous flaw that could let hackers steer most people using corporate computer networks to malicious websites of their own devising.

For bad news, that's pretty impressive. But there are two pieces of good news: First, no bad guys are known to be using the flaw yet. And second, in a possibly unprecedented display of industry cooperation, virtually every major software company affected is issuing patches to fix the problem.

System administrators will have 30 days to apply those patches -- from the likes of Microsoft Corp., Sun Microsystems Inc., Red Hat Inc. and others -- before the details of the flaw are disclosed at the Black Hat security conference in Las Vegas.

Security experts -- including the man who discovered the flaw, Dan Kaminsky of security firm IOActive Inc. -- hope that the patches are broad enough that evil types won't be able to reverse-engineer them to exploit the vulnerability.

"We got lucky in this particular bug, because it's a design flaw," Kaminsky said in an interview. "It shows up in everyone's network, but the fix is a design fix that doesn't point directly at what we're improving."

US CERT, the Computer Emergency Readiness Team at the Department of Homeland Security, issued an alert Tuesday on the scope of the problem. CERT made the initial discovery seem like child's play.

"It took a couple of hours to find the bug," said Kaminsky, "and a couple of months to fix it." Kaminsky said he stumbled across the hole in the so-called DNS system for steering people to the websites they are seeking "by complete and total accident." Smaller DNS flaws have been used before to "poison" the servers that send people to the numerical address of the website name they enter.

But this failing is at least one order of magnitude bigger, and perhaps several.

"This is about the integrity of the Web, this is about the integrity of e-mail," Kaminsky said. "It's more, but I can't talk about how much more."

joseph.menn@latimes.com

2. Protecting Yourself Against Identity Theft

Brian Gardner, June 24, 2008

www.HackerScan.org/identity-theft/

About Hacker Scan organization:

Hacker Scan is an organization dedicated to raising awareness and informing the public about Internet Security including: identity theft, network security, and security software.

Identity Theft topped the Federal Trade Commission's list of consumer complaints in 2002 costing consumers $343 million during that year. Approximately 500,000 Identity Theft victims filed a police report in 2001 alone.

Identity Theft is the act of using someone else's personal information (e.g. account numbers, driver's license, insurance card, or Social Security number) without their knowledge and using the assumed identity to commit fraud or theft. Often, the personal information is used to get loans or open credit card accounts. Some victims of Identity Theft have lost job opportunities, been refused mortgages and been left with destroyed credit and reputations.
Identity Theft victims and financial experts have offered many precautions to help protect against this crime, including:

Keep track of personal information and only share that information with a company that is known and trusted. Read and understand the fine print in every document.
Protect your Social Security number and mother's maiden name. Avoid giving personal information out over the phone. Avoid posting your Social Security number online, on your checks, outside of envelopes, on driver's license, etc.
Minimize the number of identification information and financial cards carried in a wallet.
Sign all new credit cards upon receipt. Write "Check ID" after your signature as a note to shopkeepers to ask for identification.
Keep new and canceled checks in a safe place and report lost or stolen checks to the issuing financial institution immediately.
Never leave receipts at bank machines, bank counters, public trash receptacles, or unattended gas pumps. Save them to match against your monthly bills, and then shred them.
Buy only from secure Internet sites. Look for the closed lock icon to appear at the bottom of your browser or "https" to display in the URL to check the site's security status.
Shred any documents that have any personal information or credit account numbers on them before discarding, including tax returns and unwanted credit card offers.
Report all lost or stolen credit cards. If you applied for a new credit card and it has not arrived in a timely manner, call the bank or credit card company that is issuing the card.
Follow up with creditors if bills do not arrive on time. A missing credit card bill could mean an identity thief has changed your billing address to cover his/her tracks.
Notify credit card companies and financial institutions in advance of any change of address or telephone number. Make sure to contact the sender if your statements are not received in the mail by their usual time.
Monitor your credit. Check your credit report regularly from the three national credit reporting agencies for any unfamiliar changes, such as new accounts, inquiries, or public records.
Review your Social Security Earnings and Benefits Statement annually to check for fraud. If you haven't received one lately, you can call 1-800-772-1213.

Keeping an eye on your financial statements and regularly monitoring your credit report can help protect you against the extensive damage of Identity Theft.

3. Law Enforcement Resources:

You're not alone. Here are 2 cybercrime-fighting online resources rolled into one for your convenience. Please file this in a safe place for future reference. You never know when you'll need it!

The Internet Crime Complaint Center (www.IC3.gov) was established as a partnership between the Federal Bureau of Investigation (www.FBI.gov) and the National White Collar Crime Center (www.NW3C.org) to serve as a means to receive Internet-related criminal complaints and to further research, develop, and refer the criminal complaints to federal, state, local, or international law enforcement and/or regulatory agencies for any investigation they deem to be appropriate.

The IC3 was intended, and continues to emphasize, serving the broader law enforcement community to include federal, as well as state, local, and international agencies, which are combating Internet crime and, in many cases, participating in Cyber Crime Task Forces.

Since its inception, the IC3 has received complaints crossing the spectrum of cyber crime matters, to include online fraud in its many forms including Intellectual Property Rights (IPR) matters, Computer Intrusions (hacking), Economic Espionage (Theft of Trade Secrets), Online Extortion (blackmailing), International Money Laundering, Identity Theft, and a growing list of Internet facilitated crimes. (And the list grows each day).

Since June 2000, it has become increasingly evident that, regardless of the label placed on a cybercrime matter, the potential for it to overlap with another referred criminal matter is substantial. Therefore, the IC3, formerly known as the Internet Fraud Complaint Center (IFCC), was renamed in October 2003 to better reflect the broad character of such matters having an Internet, or cyber, nexus referred to the IC3, and to minimize the need for one to distinguish "Internet Fraud" from other potentially overlapping cyber crimes.

My Online talk Show's Going Live July 5th!

2008-07-01T19:03:00.011-05:00

I'm proud to announce that my talk show went online July 5th from 1:00 to 2:00 p.m., Central Time.

To convert to your local time, click the link below:

www.TimeandDate.com/worldclock/converter.html

Free Call-in! Free Listen-in!

Join in the Discussion!

Free Gift to the First 100!!

Click www.BlogTalkRadio.com/StayingSafeOnline to share
your experiences, good and bad, about staying safe online.

First Two Key Questions about Computer Safety for Your Home or Business

2008-05-09T05:27:00.007-05:00

The following is an excerpt from my report, "Twelve Key Questions about Computer Safety for Your Home

or Business". Email me to request your free copy.

Safety technology is only a part of an overall safety plan. If you own a small business or a home-based business, or simply use your computer to surf the Internet or email you friends and family, developing a comprehensive safety plan should be a very important part of your overall safety strategy. The best move is one of Prevention! Prevention! Prevention!

With that in mind, here are the twelve questions you need to be asking, or, at least, be thinking about if you're serious about preventing or stopping safety risks, threats, and attacks:

Do I have a solid safety policy? If you don't, begin immediately to get sample safety plans, policies, and best practices for your business and/or home.
Where would I go for key information and news on keeping my information private? Search the Internet for managed safety services. Ask if they provide a free computer test to assess your computers level of vulnerability. Ask if they provide the latest tips to keep your privacy and protect your personal information and that of your business. Or simply - ask me.

To request your free copy of the 12 key questions,
simply email me at egibbs@myinvisusdirect.com

Free Sound Advice from an Attorney

2008-03-06T19:57:00.014-06:00

A corporate attorney sent the following safety tips to employees where he worked. I'm privileged to share them with you.

Read them and print out a copy for your files in case you may need to refer to them someday. The tips sound like solid advice we should be following daily!

Do not sign the back of your credit cards. Instead, put "Photo ID Required".
When you're writing checks to pay your credit card accounts, DO NOT put the complete account number on the "For" line. Instead, just put the last four numbers. The credit card company knows the rest of the number, and anyone who might be handling your check as it passes through all the check processing channels won't have access to it.
Instead of your home phone number, put your work phone number on your checks. If you have a Post Office Box, use that instead of your home address. If you do not have a PO Box, use your work address. Never have your Social Security number printed on your checks. (DUH!) You can add it later if it is necessary. But if you have it printed, anyone can get it.
Place the contents of your wallet on a photo-copy machine. Do both sides of each license, credit card, etc. You will know what you had in your wallet and all of the account numbers and phone numbers to call and cancel. Keep the photocopy in a safe place. I also carry a photocopy of my passport when I travel either here or abroad. We've all heard horror stories about fraud that's committed on us in stealing a name, address, Social Security number, credit cards.

Unfortunately, I, an attorney, have firsthand knowledge because my wallet was stolen last month. Within a week, the thieves ordered an expensive monthly cell phone package, applied for a Visa credit card, had a credit line approved to buy a Gateway computer, received a PIN number from Dept. of Motor Vehicle to change my driving record information online, and more.

But here's some critical information to limit the damage in case this happens to you or someone you know:

5. We've been told we should cancel our credit cards immediately. But the key is having the tollfree numbers and your card numbers handy so you know whom to call. Keep those where you can find them easily.

6. File a police report immediately in the jurisdiction where your credit cards, etc. were stolen. This proves to credit providers you were diligent, and this is a first step toward an investigation (if there ever is one).

But here's what is perhaps most important of all:
(I never even thought to do this.)

7. Call the 3 national credit reporting organiza-tions immediately to place a fraud alert on your name and also call the Social Security fraud line number. I had never heard of doing that until advised by a bank that called to tell me an application for credit was made over the internet in my name. The alert means any company that checks your credit knows your information was stolen, and they have to contact you by phone to authorize new credit.

By the time I was advised to do this, almost two weeks after the theft, all the damage had been done. There are records of all the credit checks initiated by the thieves' purchases, none of which I knew about before placing the alert. Since then, no additional damage has been done, and the thieves threw my wallet away this weekend (someone turned it in). It seems to have stopped them dead in their tracks.

Now, here are the numbers you always need to contact about your wallet, etc. has been stolen:

Equifax: 800-525-6285
Trans Union: 800-6807289
Experian (formerly TRW): 888-397-3742
Social Security Administration (fraud line): 800-269-0271

More Time! Financial Freedom! A Better Way of Life!

2008-02-14T21:35:00.003-06:00

We are on a mission to secure the lifestyles of people everywhere who want more from life.

This is the hottest up-and-coming real business opportunity everyone is talking about.

Click here to listen to what these people have to say about this fun and exciting business!

Simplify Your Life with Hassle-Free Computing

2007-10-03T17:30:00.002-05:00

Click on either image to enlarge and download as PDF file.

What Customers Had to Say

2007-10-01T08:00:00.002-05:00

Thanks for your help today! Your technician diagnosed my computers problem first try. Michael knew exactly what was wrong and how to fix it. It was great how I gave him access to my computer and I did not even have to stay on the phone, I felt a little guilty that I was making myself a sandwich when Michael was hard at work. Thank you INVISUS and nice work! - David Skillings

I would like to thank Joel for his superb customer service and expertise in the technical support area. This virus had no chance with the knowledge and thoroughness Joel brought to the situation. I would forward him to any one of my clients. Thanks again!!! Laptop runs great! - Byron Talbert

Today, I received some very excellent tech support service from one of your company technicians. It was wonderful experience to receive such fine tech computer support. She was always courteous and displayed excellent skills and knowledge when assisting to resolve my tech problem. If this is an example of her daily accomplishments, she indeed is deserving of employee recognition. She represents your company outstandingly! Thank you INVISUS for being a fine customer oriented company and for employing people of this high caliber. - David Willis, Owner, Davco Online Sales

I somehow got a virus on my computer so right away I thought, “Who am I going to call?” Of course, INVISUS! I called up and spoke with Mike. I have been a subscriber to INVISUS a long time and have always had great technicians help me out. Mike was really GREAT in all the help he provided for me. He was working on the problem and trying to get my computer back to normal for at least 2 hours if not more. After it was back in working order he told me to run a few scans and he would call back Monday morning to see how everything was working. That he did, just when he said he would call. It is this exact reason why I stay with this service, not only is the software phenomenal but the customer service is the best I have ever had. Thanks! - Mark Pecho

I am very pleased with the great service I always get with INVISUS. Scott has helped me before, and when I have been near a basket case from worry, he has given me the calm assurance that he would fix everything for me, and he did! I am very grateful to have you watching out for my computer and me. It is well worth every penny I spent on it, and more! - Carol Baker

Sarah was awesome. She solved my problems with the anti-virus in record time and cleaned up the excess garbage in my computer at the same time. She is really a "keeper." I think she deserves a raise. Thanks again Sarah!!! - Jim Kniff

We just purchased the Invisus service yesterday and are already pleased! We were having problems and Clint was great! So polite and professional and didn't seem at all annoyed by, what I'm sure he considered to be, 'no-brainer' questions. I didn't feel at all pressured and his explanations were clear and easy to understand. We are feeling much more secure with this security system on our computer. Thank you very much INVISUS! - Cameron & Donna Pope

After a long period of "no problems," I had a bunch of issues this week on 3 of my 4 PC's, and so I had to call in more than once. Wait times were very reasonable. Service was excellent. Sarah and Chelsea were friendly, professional and had great follow-up. All issues were resolved in a prompt and thorough manner. Maybe you should start a 2nd business teaching other tech support outfits how to perform excellent customer service. (Let me know, I'll send you my wish-list of clients). Thanks. - Mindy Baransky

Hi! I appreciate the effort that Andrea gave to help this 64 yr old guy to get his computer protected with your suite of programs. My 5 yr old computer which was protected with this program for over 2 yrs quit, and she helped me install the program on my new computer and resolved the problems I was having. Many thanks for the younger generation growing up with a "Sippy Cup" in one hand and a computer mouse in the other. Once again, thank you and God Bless. - Dennis J. Miechruski “Jack"

Hi, I just wanted to say what an excellent job Bryce did today with getting my computer set up and running with your service. He connected directly to my pc and did all the work for me. Wow! - David Riebe

Through my own goof up I managed to delete INVISUS from my computer.

I felt vulnerable without it … so I called for help and was transferred to Tech Support. My technician was courteous, helpful, and knowledgeable. He took over my computer and worked quickly to protect my computer from viruses, spyware, and he installed the Invisus Firewall for me. He was fast and thorough. I can't speak highly enough about how he did his job. His work rated an Excellent Plus. - Bill Bradney

I would like to say that Clint was my computer angel. I was so worried that my computer had crashed; I cannot thank him enough for saving my computer. I would also like to say that all of you at INVISUS are so wonderful and so helpful. Thank you! - Kathy Nance

Thank you for your excellent support and service you provide. I am always so thrilled to work with everyone on the INVISUS team! Everyone is so polite, professional, and helpful when I call. It is rare to see excellent customer service in today's world but you provide it every day. You guys rock! - Fran Johnson

You guys did a great job today helping me install my additional subscription to my laptop. I love that I can call up customer service and right away they are willing to help me order an additional subscription and then within minutes be transferred over to technical support for them to set up the service for me. I couldn't have done it without you. In fact, you did it for me! - Nancy Tessier

This is the first time I have worked with Scott C. I found him to be very professional. I most appreciated his quickness is resolving my problem.

I had error messages that I would think he had heard many, many times before. However Scott let me talk completely and tell him the whole story before commenting. His tone of voice was that of a caring person and not that of a “know it all” even though he knew exactly what it was I was talking about.

Thank you Invisus for hiring Super Talented Tech support people who truly care about us. - Tim Clark, LifeStyle Designer, AboveCeoPay.com

I just wanted to compliment your Tech Support service for helping me today. Doug took care of my problem remotely and that is the part that I love about Invisus. I never got that kind of support from the other major Anti Virus/Spyware companies. I am not a tech person and this level of service is priceless to me, it saves me Money and most of all FRUSTRATION when faced with a computer issue I cannot figure out. Doug was courteous and professional. Thanks! - Javier

Just wanted to let you know how much I appreciated the help getting set up today. It was all new to me, but I wasn’t treated like I was some kind of idiot which I was afraid would happen. I appreciate the encouragement in the paperwork that says to call you first. After the service I received today I'll be sure to do that. Thanks, again! - Katy Ludwig

Your service technician was professional, respectful, patient, and fixed time consuming problems on both of my networked computers. I apologize for not remembering his name, but either way, if more people were like him, the world would be a better place!

Thank you! - Tony Brown, President, Highlands Professional Motorcycle Training Corp.

My technician did a great job for me today. His willingness to "look around" and investigate various reasons as to why my computer was running slow made me feel that I made the right decision to use INVISUS. He helped set up access to my office server and gave [my firewall] "permission" so I didn’t have to turn my firewall off and risk exposure. Where could you get that kind of support included in a low month fee? Thanks again! - John Gebbie

I'm so-o-o glad I don't have to think about this very often, and just occasionally wonder if it's still working! And suddenly a problem arose, and it is really pleasing to find the help I needed so quickly and readily available. Thanks a million!! - Carolyn Allen

We would like to thank you for the help you gave us, and again we would like to say how happy we are to be with INVISUS. It is nice to know that we have great security for our computer. In closing we would like to say that all of your techs have always been great to deal with. They have been patient and courteous each time we have dealt with them.

Thank you, - Tom and Phyllis Mercier, Founding Member of the Partnership for Critical Infrastructure Security

Wondering Why Your Computer Acts Weird?

2007-09-16T10:31:00.001-05:00

Unwanted advertising software or "adware" has evolved from an annoyance into a serious threat to the future of Internet.

Why? Every day, thousands of Internet users are duped into downloading adware programs they neither want nor need. Once installed, the programs bog down the computers' normal functions, deluging users with pop-up advertisements, creating privacy and security risks, and generally diminishing the quality of the online experience.

Some users simply give up on the Internet altogether after their computers are rendered useless by the installation of dozens of unwanted programs.

Although it may be somewhat disguised, it's happening on MySpace, too!

Read about Adware's 'Dirty Little Secret'. Go to:

www.cdt.org/privacy/20060320adware.pdf

Survey Shows Users of Social Networking Sites Tend to Reveal Their Personal Info

2007-08-14T17:39:00.002-05:00

Social networking users could be putting themselves at risk of identity theft by giving away personal details too easily, research out today suggests. Two in five people who use the social networking site revealed personal information to a stranger, according to a snapshot survey. They gave email addresses, dates of birth, addresses and even phone numbers to an unknown user.

Technology firm, Sophos, set up a profile page on the website with a picture of a green frog called Freddi Staur – an anagram of I.D. fraudster. Sophos then sent 200 “friend requests” to Facebook users from the frog. It got reactions from 87 people, of which 82 gave away some of their personal information.

Of the 41% of respondents who leaked personal details, 87% gave their education or workplace, 84% listed their dates of birth and 72% gave one or more email address. Nearly a quarter (23%) even listed their phone numbers, Sophos found.

Facebook users can either accept or reject incoming “friend requests”. Users can also choose whether to let the sender see all their details or a limited part of their profile.

In most cases “Freddi” had access to the respondents’ photos of family and friends, likes and dislikes, hobbies, and other personal information.

Sophos senior technology consultant, Graham Cluley, warned: “What’s worrying is how easy it was for Freddi to go about his business. He now has enough information to create phishing emails or malware specifically targeted at individual users or businesses, to guess users’ passwords, impersonate them or even stalk them.”

Some of the respondents who did not accept Freddi’s friend request replied with messages such as “Who are you?” and “Do I know you?”. Even these brief replies gave Freddi access to the respondents’ Facebook profiles in most cases.

Sophos praised Facebook’s privacy settings, saying they were better than many of those offered by other social networking sites. The firm urged users to make full use of Facebook’s privacy features and to be wary of unsolicited messages received via the website.

Cybercrime, Computer Hacking, and Spyware Attacks: Trend, Tragedy, or Opportunity?

2007-08-12T15:37:00.002-05:00

The more I study and learn about the dark, criminal side of the Internet, the more convinced I become about the opportunity it presents to offer a base of services for my loved ones, friends, and acquaintances via direct security services and online education. That's why, as an Internet Safety Advocate and Educator, I devote the bulk of my time educating them and the public about the dark side and the protective steps they can take.

On a campaign for Internet safety awareness and protection, my mission is to bring critical awareness to individuals, families, and small business owners, and provide access to the necessary tools and ongoing expertise to secure their computer and help them stay protected. I have taken on this mission so that they can help take back the Internet, making it safe for themselves, their children, and their children's children.

Internet threats to our families, our businesses and our country have already reached epidemic proportions. And according to the federal government and leaders in the Internet and computer industries, it's only going to get worse. There's been a 543% increase in reported cyber-attacks in the United States since the year 2000.

And more than 27 million adults in the United States are now victims of credit and identity theft. This is a extremely significant problem for every Internet user. With almost 3 million new Internet users coming online every month in the United States alone, personal Internet security is the hottest new upcoming trend in the technology industry. There is an enormous need for the Internet security solution!

Ever wish you could have owned Microsoft or iPod stock from their early days? Do you have any idea how rich you would be today? Success in business has a lot to do with timing. You just need to be in the right place at the right time. Internet users are just now starting to realize the need to do something about protecting their online privacy and security. Everyone you know who uses the Internet is just now beginning to think about the whole security problem.

Soon, the demand for Internet security products and services will reach a frantic pace, and Internet security will become a fundamental part of using a computer. In the future, security-in-a-box will go away, and Internet security services will become a giant industry, much like phone, cable, power, and other utilities. Everyone will have their own personal Internet security service.

I encourage you to use this opportunity right now to get involved in the next great technology wave Internet protection services. Take advantage of this opportunity to get in on the ground floor of an entire new industry. You can only begin to imagine what the upside potential is by getting involved with an industry pioneer!

Four Strong Reasons to Become Involved:

Become involved as you pioneer the future of Internet security with the first and only comprehensive Internet protection service for families and small businesses a truly revolutionary solution to an epidemic problem.
Become involved with a pioneering company that is in the direct sales industry as well and is becoming the first and only Internet security company to leverage the power of network marketing.
Become involved with a pioneering company that is becoming the most powerful name in Internet safety and protection, and will be recognized as the first company to successfully help the masses become aware of the threats and get the protection they need.
For your family, your business, your community, and your country, become involved with a company that has launched the industry's first and only Campaign for Internet Safety Awareness and Protection. Together with your input, help protect 10 million families and small businesses from the terrible onslaught of global cyber-attacks against our personal privacy and security.

Although the Internet basically provides a positive and productive experience, cyber-attacks against our personal privacy and security are reaching epidemic proportions. These attacks are occurring in our own homes and businesses. Our own computers are being used are being used as zombies to attack other people, businesses, and even our nation itself. As an average Internet user, you may not be aware of these threats nor have any idea about the dramatically increasing risks you face when connected to the Internet.

I invite you to join the many thousands of others who have tested their computers, discovered these threats are real, and taken the necessary steps to protect themselves.

Now that you have become aware of these issues, I encourage you to share this vital information with your families, friends and communities. Together, we can reach many millions of people and inform them about the threats to their privacy and security, and help them get the protection they desperately need.

Remember: When you help others to say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!

© MMVII, Etienne A. Gibbs, MSW, Your Internet Safety Advocate and Educator

Warning: Criminals Flock to the Internet and to Your Home and Business Computers

2007-07-25T20:28:00.002-05:00

Organized crime seems too be extremely active in the scam known as "phishing" in which they send emails under the guise of being a financial institution or other legitimate organization. In the email they ask unsuspecting victims to verify personal information such as account numbers and passwords. They will target home users who have become the weakest link and they target their victims much more closely than before, by tracking down full names and personal interests. They also skim social networking sites and personal websites where most people have left a digital footprint that can be mined.

Cybercriminals are increasingly trying to trick citizens into giving them their bank account details, according to a published survey which showed such "phishing" attempts almost doubled in the first six months. Over 157,000 unique phishing messages were sent out around the world in the first half of 2006, an increase of 81 percent compared with the six-month period to end-December 2005. Each message can go to thousands or hundreds of thousands of consumers, according to the bi-annual Internet Security Threat Report from security software vendor Symantec.

Another trend in the first half of the year is that phishers have become more sophisticated, dodging spam filters and other defense mechanisms designed by service providers and software companies to keep out the criminals.

How much financial damage phishers have caused is unclear and usually at an individual level, which is why phishing does not get the same media attention as "denial of service attacks" aimed to take out a specific web site, or email worms which can shut down millions of computers in a digital equivalent of a carpet bombing. The Internet is still under fire from such attacks, taking about 6,110 different denial of service hits every a day, but unlike a few years ago they cause less damage.

A successful 'denial of server' attack or worm can have ramifications far beyond phishing. Worms have taken down electricity grids. That's why critical infrastructure is now much more resilient. Information technology managers are better prepared and networks are more robust," Whitehouse said.

Increased focus on security, and a willingness from software companies to own up to their mistakes has dramatically cut down the time that computers are at risk, Symantec found. For example, Internet Explorer, the world's most popular browser from Microsoft, has cut the number of days in which hackers can exploit a security flaw to nine days from 25 days six months earlier. Security holes in browsers from Opera and Mozilla Firefox are patched within two days and one day respectively.

Because cybercriminals are becoming smarter and more sophisticated in their operations, they are real threats to your personal security and privacy. Your money, your computer, your family, and your business are all at risk.

They leave you with three choices:

Do nothing and hope their attacks, risks, and threats don't occur on your computer.
Do research and get training to protect yourself, your family, and your business.
Get professional help to lockdown your system from all their attacks, risks, and threats.

Now that you have become aware of these issues, I encourage you to share this vital information with your families, friends and communities. Together, we can reach many millions of people and inform them about the threats to their privacy and security, and help them get the protection they desperately need.

Remember: When you say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!

About the Author:
As an Internet Security Advocate and Educator, Etienne A. Gibbs consults with individuals, small business owners, and home-business entrepreneurs regarding online protection against spyware, viruses, malware, hackers, and other pc-disabling cybercrimes.

Canada Is Open to Build Your Team of Advocates!

2007-06-17T09:18:00.002-05:00

Canada was officially OPEN June 15, 2007! New Internet Safety Advocates are signing up right now.

Whether or not you are Canadian or know anyone in Canada, the opening of Canada can mean more MONEY for you. This business opportunity has expanded into Canada and now you have an international business with INVISUS Direct.

The INVISUS Direct business opportunity has officially expanded internationally with the opening of the Canadian market today. This is a very exciting milestone for the company and for many Internet Safety Advocates (ISAs) who have been working hard to expand their team into this new market.We’ve been in Pre-Launch for the past 2 weeks to build for this day. Now it’s time to pick up the pace and get busy building Internet Safety Advocate organizations in Canada. It’s time to build out a nationwide network of Canadian Internet Safety Advocates.

Canada Launch Plan (Business Briefings
and Internet Safety Advocate Training)

The company has planned a complete Canada Launch Plan full of nationwide business briefings and live Internet Safety Advocate training events conducted by top Internet Safety Advocate leaders who you can tap into through mid-July. New Internet Safety Advocate are invited to be on every Internet Safety Advocate training call and invite their guests at every Business Briefing call.

Quickstart Internet Safety Advocate Training
and Business Briefing Calls:

Saturday, June 16, New ISA Orientation Training,
(8:30 a.m. Mountain Time or 10:30 a.m. Eastern Time)
Saturday, June 16, Business Briefing,
(9:30 a.m. Mountain Time or 11:30 a.m. Eastern Time)

Tuesday, June 19, INVISUS Service Training,
(7:00 a.m. Mountain Time or 9:00 am Eastern Time)
Thursday, June 21, Business Briefing
(7:00 p.m. Mountain Time or 9:00 pm Eastern Time)
Saturday, June 23, ISA Training
(9:30 a.m. Mountain Time or 11:30 am Eastern Time)
Tuesday, June 26, INVISUS Service Training
(7:00 p.m. Mountain Time or 9:00 pm Eastern Time)
Thursday, June 28, Business Briefing
(7:00 p.m. Mountain Time or 9:00 pm Eastern Time)
Saturday, June 30, ISA Training
(9:30 a.m. Mountain Time or 11:30 am Eastern Time)

Tuesday, July 3, ISA Training
(7:00 p.m. Mountain Time or 9:00 pm Eastern Time)
Thursday, July 5, Founder’s Call
(7:00 p.m. Mountain Time or 9:00 pm Eastern Time)
Saturday, July 7, ISA Training
(9:30 a.m. Mountain Time or 11:30 am Eastern Time)
Tuesday, July 10, ISA Training
(7:00 p.m. Mountain Time or 9:00 pm Eastern Time)
Thursday, July 12, Business Briefing
(7:00 p.m. Mountain Time or 9:00 pm Eastern Time)
Saturday, July 14, New ISA Orientation and Training
(9:30 a.m. Mountain Time or 11:30 am Eastern Time)

For all Calls, Dial: (435) 871-6000 and enter 2000#

Remember:

The question is, in this brand new market, how large do you want your organization to be? How much do you want to make? Remember, these moments don’t happen very often. You’d be wise to take the time right now to get your business growing in Canada.

NOW IS THE TIME to contact everyone you know in Canada, invite them to evaluate this business, listen in on the conference calls, and be get started.
NOW IS THE TIME to contact everyone in your organization and find out who they know in Canada – and help them get their prospects on the upcoming calls.

NOW IS THE TIME to get referrals from everyone you know for people they might know in Canada.

Signing up Internet Safety Advocates in Canada:

Just contact me and I will help you get signed up as an Internet Safety Advocate in Canada right now. Complete details of doing business in Canada – how Canadian Internet Safety Advocates are paid, how the INVISUS PC Security Service works for Canadian subscribers, etc. are all included in the Canada Launch Flyer. Be sure you read all the information there.

See you on the Business Briefing and ISA Training Calls!

BlogCatalog Bloggers for Good Fundraising Challenge

2007-05-26T08:28:00.000-05:00

The week of May 28, 2007 BlogCatalog members and other bloggers will be posting on their blogs to raise awareness about

Bloggers and their viewers will be raising and donating money for students and schools in New Orleans and other parts of the country. Won't you help meet the Challenge by choosing to fund a Specific Challenge?

ia a non-profit Web site that brings teachers and donors together to fund specific student projects that range from "Magical Math Centers" ($200) to "Big Book Bonanza" ($320), to "Cooking Across the Curriculum" ($1,100). Any individual can search such proposals by areas of interest, learn about classroom needs, and choose to fund the project(s) they find most compelling. In completing a project, donors receive a feedback package of student photos and thank-you notes, a teacher impact letter, and an expenditure report showing that their tax-deductible gift was spent as directed.

is a simple way to provide students in need with resources that our public schools often lack. At this not-for-profit web site, teachers submit project proposals for materials or experiences their students need to learn. These ideas become classroom reality when concerned individuals, whom they call Citizen Philanthropists, choose projects to fund.

To meet the challenge for this underserved non-profit organization that does so much good for our children and our schools, click the logo to pick the project you wish to support.

Beware PC Attack Called Drive-By Pharming

2007-05-13T17:00:00.002-05:00

Hackers are sophisticated enough to control your computer while you're using your wireless network.

Click below to see the full story on ABC News:

Drive-By Pharming.

Not to worry, though. There's a simple solution.

Help Stamp Out Hackers and Spyware! Put Insight Newspaper in Your Lobby or Waiting Room

2007-05-03T03:00:00.002-05:00

Join the campaign!

Help stamp out hackers and spyware!

The Insight newspaper is part of our current campaign to educate the public about the dangers of the Internet.

Fun and easy to read, it helps readers become aware of the cyber-crime epidemic, and learn a little about the amazing Invisus PC Security Service and its great business opportunity.

Get your free copy of Insight for your waiting room or lobby.

In full color, it’s an eight-page newspaper with a fantastic pullout Special Business Section of safety and security information for staying safe online!

Because many people still prefer to read something in print rather than go online and read, Insight gives you the media to put a constructive and educational reading material in their hands. It is a powerful source of credible information presented simply and professionally.

Now you can have a free newspaper to give your customers or clients to read while they wait in your lobby or waiting area.

To get your free copy, click the red Test button to the right, take the free scan so you can see first hand, then enter your contact information in the comment box on the next page, and I will get back to you within 24 hours.

Scammers Use "Vishing" (Email and Voice Technology) to Stay Ahead of the Game

2007-04-29T09:28:00.002-05:00

The Better Business Bureau warns of the latest scam known as "vishing" - short for "voice phishing."

Here's how it works: Because scammers know that by now most experienced Internet users know better than to click on imbedded hyperlinks in strange e-mails for fear of being "phished" and having their identities stolen, the scammers now send emails with "local" or toll-free numbers. Posing as a bank or credit card company official in the email, the scammer provides a "local" or toll-free number for his targeted victim to call to straighten out some alleged security matter regarding the victim's account.

(Note: Male or female, young or old, it doesn't matter; the scammer doesn't discriminate when it comes to his victims. The only form of discrimination one will find is in terms of ease of manipulation or victimization.)

When the victim calls, he reaches an automated attendant prompting him to enter his account number, password or other private information for "security verification" purposes.

According to the BBB, there are several steps you can take to protect yourself against these scams. Here are some tips they offer:

Look and listen for any of these telltale signs:

There is an implied urgency. What to do: If you receive a "vishing" phone call in follow-up to a recent "vishing" e-mail, hang up immediately. Then call your bank, using the phone number on the back of your debit or credit card to report the matter.
They ask you to verify account information. What to do: Be aware that banks do not use prerecorded messages to handle security issues. If they telephone you to report suspicious use of your card, they do not need to request identifying information because they already have that on record.

They may contain misspellings. What to do: Report and/or discard immediately. If you are not sure, call your bank for clarification.

They include "local" or toll-free numbers. What to do: Do not automatically trust a phone number based on its local area code. Con artists can hack into Caller ID systems, and VoIP users can assign any area code to a phone number.

Finally, if you think you have been a victim of a "vishing" scam, visit the Federal Trade Commission's Consumer Information Web site at www.FTC.gov/ for more information and reporting assistance.

Case Study: George Rodriquez Became Victim of Latest Identity Fraud

2007-03-25T06:38:00.002-05:00

George almost lost $60,000 of his 401K after someone logged on and was about to sell his account. He was lucky; he happened to see it while it was occurring and stopped it.

See the full story on Good Morning America's

Online Hazards in Hotels.

Travelers using computers at hotel business centers put their accounts at risks.

Case Study: Woman Faces 40 Years for Porn-Infected PC (Crazy, but True)

2007-03-14T02:30:00.002-05:00

Steve Bass writes Tips & Tweaks for

Wednesday, January 24, 2007 3:35 PM PT
Posted by Steve Bass

But that's not all. Be sure to read his Tips & Tweaks Column on his blog. And the follow-up story: Take Action: Julie Amero Porn Case

Now here is a synopsy of his original story:

Woman Faces 40 Years for Porn-Infected PC (Crazy, but True)
(Click above to read the four-part story in its entirety.)

Have you ever faced a pop-up that wouldn't go away? You try clicking it closed and another pops up in less than a nanosecond. You grunt in annoyance and reboot the system, annoyed that your anti-spyware program let something slip through.

That's annoying, sure--but the chances are good that your experience won't land you in jail.

Substitute Teacher's Worst Nightmare

Julie Amero, a substitute teacher in Norwich, Connecticut, has been convicted of impairing the morals of a child and risking injury to a minor by exposing as many as ten seventh-grade students to porn sites.

The story is short: On October, 19, 2004, Amero was a substitute teacher for a seventh-grade language class at Kelly Middle School. A few students were crowded around a PC; some were giggling. She investigated and saw the kids looking at a barrage of graphic, hard-core pornographic pop-ups.

The prosecution contended that she had used the computer to visit porn sites.

The defense said that wasn't true and argued that the machine was infested with spyware and malware, and that opening the browser caused the computer to go into an endless loop of pop-ups leading to porn sites.

Amero maintains her innocence. She refused offers of a plea bargain and now faces an astounding 40 years in prison (Her sentencing was on March 2).

Case Studies: "Victims of Hackers and Other Cybercrimes"

2007-03-05T05:45:00.002-06:00

Starting today, I will be presenting stories of real people whose lives have been turned upside down by hackers.

First, here are two video stories by

You Have Been Hacked
Crimes Committed on Your Computer: Hackers corrupted a teenager's computer, and he nearly went to prison.
You Could Be Hacked: A Follow-up
An update on the family whose son was nearly arrested for porn on his computer.

Followed by an online report by Red Tape Chronicles at

In An Instant, Retirement Savings Vanish
An article by MSNBC's Bob Sullivan who covers Internet scams and consumer fraud for MSNBC.com. Read about how, in an instant, $79,000 in Dave DeSmidt’s retirement account after 25 years of savings had disappeared.

The winner of multiple journalism awards for his coverage of online crime, Bob is the author of the book:

Your Evil Twin: Behind the Identity Theft Epidemic.

Got some red tape you want Bob to untangle?

Write Bob at:

BobSullivan@feedback.msnbc.com

Welcome to Your First Step Towards Your Home and Business Computer Security

2007-02-16T20:11:00.002-06:00

The reality is that staying safe online now requires a great deal of experience and constant maintenance. Chances are, you are not keeping up with everything you need to be doing to protect yourself. In fact, very few people have the time, the expertise or the desire to continually manage their own computer security. And Internet predators are counting on that! INVISUS is the answer.

Major corporations and government agencies have been successfully waging the war against cyber-crime by paying big money for professionally managed Internet security services. Hackers have now turned their attention to much easier targets - homes and small businesses.

While large institutions with deep pockets are able to defend themselves from constant attacks, the rest of us don't have access to, and cannot afford to pay for corporate level managed security services - UNTIL NOW. The future is here, and it's in managed Internet security services for the masses.

Now, for the first time, you can subscribe to a professional Managed Internet Security Service, and get the same type of protection used by big companies from around the world.

Fourteen Key Questions about Computer Safety for Your Home and Business

2007-01-06T09:00:00.004-06:00

Fourteen Key Questions about Computer Safety
for Your Home and Business
Courtesy of Etienne A. Gibbs, MSW
Internet Safety Advocate and Educator
www.SayNotoHackersandSpyware.com/

Safety technology is only a part of an overall safety plan. If you use your computer in your small business or home-based business, or simply use it to surf the Internet, or email your friends and family, then developing a comprehensive safety plan should be a very important part of your overall safety strategy to protect your personal and financial files and those of your family. The best move is one of Prevention! Prevention! Prevention!

With that in mind, allow me to share with you 14 questions you need to be asking, or, at least, be thinking about, if you're serious about preventing or stopping safety attacks, risks, and threats:

1. Do I have a solid safety policy? If you don't, begin immediately to get sample safety plans, policies, and best practices for your business and/or home. You may want to search Google using the keywords, “computer safety plans”, for a list of online resources.

2. Where would I go for key information and news on keeping my information private? Search the Internet, for “managed computer safety services”. Ask the sources you select if they provide a free computer test to assess your computers level of vulnerability. Also ask them if they provide the latest tips on how to keep your privacy and protect your personal information and that of your business. Or simply - ask me.

3. Does my disaster recovery plan include redundant back-up and data recovery systems? Understand what a good data back up system is and how to best recover from a disaster. Search Google or Wikipedia using the keywords, “good data back up system”.

4. Do I know how to create safe passwords? Learn how to write virtually un-crackable passwords. Search Google using the keywords, “writing safe passwords”, for a full list of legitimate and bona fide sources of this educational information.

5. What or who is a hacker? A person who uses and/or creates software technology to break into the computers of individuals, businesses, government, and organizations for personal gain is known as a hacker. After he, she, or they hack into a computer, they can control it secretly by remote, making it a "zombie computer”.

6. What is "drive-by hacking"? Because wireless Internet access points have become popular for homes and businesses, computers at these locations have become a major target for hackers. In this new phenomenon, called "dive-by hacking", hackers simply take their laptop computers in their cars and drive through business parks or residential neighborhoods remotely scanning for open wireless networks. (And they don’t even have to enter your home or business to steal your valuable information.)

7. How do hackers break into home and business computers? If they don't have the break-in software, they can buy it off the black market, or create it themselves. With this technology, they use their malicious software to look for holes in the computers of their targeted victims. This is what hackers in Malaysia are doing with the new Microsoft Vista Windows.

8. To what extent might my home or business computers be vulnerable to hackers, their tools, viruses, etc.? You’ll never know unless you take the time to test your computers to see what holes are open and by what backdoors (up to 65,000 portals) are malware entering your computer. If your son or daughter is downloading free music, games, or screensavers, more than likely they are also downloading hidden spyware. (That’s why they’re called spyware.) Again this is what they are doing with the new Microsoft Vista Windows.

9. I have all the safety measures, anti-virus, anti-spyware, and firewall I need. Can my computer still be hit by hackers and other pc-disabling attacks, risks, and threats? Again, depending on the safety measures you have on your computer and the sophistication of the hacker's software program, your computer(s) might or might not be compromised. Remember: Cybercriminals are superintelligent criminals! They somehow always seem to stay one step ahead of authorities and anti-cybercriminal software.

10. What do I do if my employees or family members are my biggest safety risk? Sad, but true, the Federal Trade Commission has reported that employees have stolen something more valuable than money from their employees. Learn about social engineering and insider hacking. Or simply - ask me.

11. How do I train my employees or family members to be safe? Get all leading research on what to teach about safety. Or simply - ask me.

12. Would I know if someone tries to hack into my computer? Depending on the safety measures you have on your computer and the sophistication of the hacker's software program(s), you might or might not be aware. Using keylogging programs, these cybercriminals can secretly see and record every keystroke you enter on your computer, thereby gaining access to all your private and personal information without your knowledge.

13. In case someone does hack into my computer(s) and steals my (or my family’s) identity, what chances of recovery do I have? It all depends upon the severity of the damage done and the time that has elapsed before discovery. Search for a company that offers comprehensive identity recovery services (including all types of identity theft, not just your credit); one that will continue to work on your behalf until your identity has been restored to its pre-theft status; and one that includes $25,000 identity theft expense reimbursement insurance. Be sure that the company also includes in its services full identity monitoring (the proactive monitoring of all forms of identity theft, including credit fraud); and have fully trained professionals to handle it all for you from beginning to end so you won’t have to. Or simply - ask me.

14. Where can I find comprehensive services that will give me full protection of my identity, my financial records, and my computers and for my family all at the same time? I do not know of any one company offering a fully comprehensive set of managed care services except one. If you do not already have access to such a service that offers unlimited service by subscription, a set-up service to insure that the software programs are set up properly on your computers; a full-service legal plan for you and your family for any legal issue with free services including simple wills, unlimited phone and face-to-face conversations, legal document reviews, and discounted and fixed legal fees for extensive legal matters and representation; ongoing service with first month free and includes automatic software updates, free software upgrades, identity theft insurance, safety advisory alerts; and fast, easy, and unlimited telephone access to technical support, ask me how to obtain yours.

Obviously if you have to ask these questions, you need to take immediate steps to plug the holes and cover the gaps. So, here are some steps you can take immediately to implement, or improve, your present safety measures:

Learn all you can about hackers and the tools they use to invade your privacy and cause problems. Subscribe to a comprehensive source of Internet safety research, news and information for small and mid-sized businesses and organizations, or other professionals.
Take advantage of the research already done. Get access to information about the leading topics in the safety field, including hackers and hacker tools, viruses, data back up, writing good passwords, government and legal issues, protecting from insider hacking - and more.
Need help creating a safety plan for your organization or business? Take advantage of professional safety consulting and training both by telephone consulting or on-site visits. Get vulnerability assessments, employees training, safety implementation, and much more.

Because hackers, cyberpredators, and other cybercriminals are becoming smarter and more sophisticated in their operations, they are real threats to your personal safety and privacy. Your money, your computer, your family, and your business are all at risk.

Remember: When you say No! to hackers and spyware, everyone wins! When you don't, we all lose!

© MMVIII, Etienne A. Gibbs, MSW
Your Internet Safety Advocate and Educator

Join Me in My Campaign for Computer Safety for Your Home and Business

2007-01-05T08:48:00.004-06:00

Join Me in My Campaign for Computer Safety
for Your Home and Business
Courtesy of Etienne A. Gibbs, MSW
Internet Safety Advocate and Educator
www.SayNotoHackersandSpyware.com/

I'm sick and tired of hackers, viruses, and spyware shutting down computers and websites on the Internet. Since my computer was hit by a hacker, virus, or spyware that shut it down just before Thanksgiving last year, it hasn't been compromised since. It's been attacked countless times, but I'm glad to say that it hasn't been compromised. Not ever! That's because I subscribe to a comprehensive managed security service.

Although the Internet basically provides a positive and productive experience, cyber-attacks against our personal privacy and security are reaching epidemic proportions. These attacks are occurring in our own homes and businesses. Our own computers are being used are being used as zombies to attack other people, businesses, and even our nation itself. As an average Internet user, you may not be aware of these threats nor have any idea about the dramatically increasing risks you face when connected to the Internet.

Even Xianz, a family-friendly and safe Christian site, has been hit by scammers and hackers. You might have been attacked yourself or might have seen or responded to the Scammer Alerts I initiated in order to warn, educate, and protect fellow-members.

Now I'm on a campaign for internet safety awareness and protection. My mission is to bring critical awareness to individuals, families, and small business owners, and to provide access to the necessary tools and ongoing expertise to secure your computer and help you stay protected.

I invite you to join the many thousands of others who have tested their computers, discovered these threats are real, and taken the necessary steps to protect themselves.

Take a free test to see what hackers, viruses, and spyware are hiding in your computer. Just click on the following link to go to:

www.SayNotoHackersandSpyware.com/

Once there, click on the red Test button.

Now that you have become aware of these issues, I encourage you to share this vital information with your families, friends and communities. Together, we can reach many millions of people and inform them about the threats to their privacy and security, and help them get the protection they desperately need.

Remember: When you say No to hackers, viruses, and spyware, everyone wins! When you don't, we all lose!

© MMVIII, Etienne A. Gibbs, MSW
Your Internet Safety Advocate and Educator

Why "Free" Software You Downloaded Isn't Free

2007-01-04T08:25:00.002-06:00

Why "Free" Software You Downloaded Isn't Free
Courtesy of Etienne A. Gibbs, MSW
Internet Safety Advocate and Educator
www.SayNotoHackersandSpyware.com/

The following is presented in response to a comment made by one of my friends on my blog.

Here's what she had to say:

What about those that can't afford to get internet security and download free programs to protect themselves the best way they know how? Is their a safe website you can go, to get internet security? We all know the threats are out there, but what programs or internet security can one use to better protect themselves against such threats? Sometimes downloading free software is not safe either.

My reply:

Thanks for your comments, but it isn't business people alone who need protection. And the cybercriminals know this! That's one of the reasons they give away nicely packaged "free" software disguised as toolbars, screensavers, and thousand of other "freebies". It may be free to you, but it's loaded with their spyware.

Just like going online takes a subscription to your local ISP (Internet Service Provider) for either dial-up, cable, or DSL service, so, too, will it be in the near future for the average Internet user to protect himself from these cybercriminals. Before long, the average user will be investing in security subscriptions. (I do now and have not had to worry about a thing.)

Like anything else, if you value your computer and being safe online, then you will need to invest in a quality security service. There's no way around it, thanks to the cunning hackers and cybercriminals!

Be careful though, cybercriminals, many out of Russia and the Far East, will sell low-cost or give away their free "security protection" software. Again, this is a smoke screen to allow them to get inside your computer.

"Sometimes downloading free software is not safe."

Just like you have to buy gas to make your car run, or insurance to keep it running legally, so, too, you will have to do when it comes to protecting your id, your personal information, and most importantly, your family. This is the only way to stop hackers and cybercriminals.

Unwanted advertising software or "adware" has evolved from an annoyance into a serious threat to the future of Internet.

Why? Every day, thousands of Internet users are duped into downloading adware programs they neither want nor need. Once installed, the programs bog down the computers' normal functions, deluging users with pop-up advertisements, creating privacy and security risks, and generally diminishing the quality of the online experience.

Some users simply give up on the Internet altogether after their computers are rendered useless by the installation of dozens of unwanted programs.

To read about adware's Dirty Little Secret, go to: www.cdt.org/privacy/20060320adware.pdf

Remember: When you say No to hackers and spyware, everyone wins! When you don't, we all lose!

© MMVIII, Etienne A. Gibbs, MSW
Your Internet Safety Advocate and Educator

Are Predators Lurking on Your Child's Social Networking Sites?

2007-01-03T08:03:00.003-06:00

Are Predators Lurking on Your Child's Social Networking Sites?
Etienne A. Gibbs, MSW, Internet Safety Advocate and Educator
www.SayNotoHackersandSpyware.com/

MySpace, Facebook, BlackPlanet, and other social networking sites are thriving communities where anyone can spend countless hours meeting new people, making friends, chatting, and exchanging pictures. Young people especially flock to these sites to build their own 15 minutes of fame. But, sadly, these sites also have become hangouts for child predators, child pornographers, and other cybercriminals.

To stay one step ahead of authorities, these cybercriminals use tricks to conceal their identities online. One of the most common is lying about their ages, claiming to be younger than they are. And to hide their IP addresses and locations, predators and other cybercriminals often piggyback on Wi-Fi connections or use proxy servers. They use decentralized peer-to-peer networks to prevent material from being tracked to a specific server. They also use encryption to allow them to keep online chats private from those policing the Web. When law enforcement, ISPs, and others take down the websites of these pedophiles, predators, and cybercriminals, it's not long before they're back up, hosted by a different service.

Skillful with their cell phones, instant messaging accounts, and with access to personal computers at home and school, young people are easy targets for sexual predators. Too many of them are ready and willing to share personal information online without a thought to how it might be misused by others. The National Center for Missing and Exploited Children reports that one in five kids online has been solicited or enticed. Reports of child pornography on the center's CyberTipline have increased six of the last seven years.

Business and technology professionals may think of online child safety as a family issue, but it's a workplace issue, too. Social networks aren't just a teen phenomenon. A recent survey by Web filtering company, Websense, found that 8% of respondents visit social networking sites while at work. Companies can use Web filters to limit access to the sites, though Websense says its customers don't seem overly concerned. Whiling away company time on social networks is a productivity issue; luring children for sex is a criminal one.

There's little evidence that sexual predators are trolling from workplace personal computers, but it's been known to happen. In 2003, a Cincinnati-area police chief admitted to soliciting sex from someone he thought was a 15-year-old, using his work computer. And a deputy press secretary at the Department of Homeland Security, arrested in March for attempting to seduce a child, had his workplace computer seized as part of the investigation and gave the number to his government-issued cell phone to a police office posing as a 14-year-old girl.

Child porn stored on company computers and servers has been a bigger problem. Filtering and blocking can help keep the images off networks, though it's not failsafe. Keyword and URL-based filters have spotty coverage. Other software scans images for limbs and skin tones and blocks pictures it identifies as porn, but skin often takes up too little of the photographs, and innocuous material can be inadvertently blocked.

The Internet Crimes Against Children program last year investigated 2,329 cases of enticement and of predators traveling to meet minors, and 252,000 cases of child pornography. Yet those numbers provide just a glimpse of the activity, since many local police forces are too small to investigate child porn. "It's absolutely overwhelming," says Brad Russ, director of The Internet Crimes Against Children's training and technical assistance program, which trains 1,000 officers each year. "The scope and the scale of the problem far exceed our capacity." Intensifying the epidemic is that more than half the world has no laws dealing with child pornography.

Vigilante groups are fighting back. In January, NBC's Dateline featured a report about one such group, Perverted-Justice.org, which set up a sting that resulted in 51 men being busted in three nights. The group hasn't seen one acquittal from those it's helped bring to justice, and nearly all of its work is done with law enforcement. Yet some in law enforcement are wary of such efforts. "We certainly take any information that anyone has regarding an offender," says Randy Newcomb, an investigator with the New York State Police in Canandaigua, N.Y. However, vigilantes expose themselves to liability for entrapment or possession of child porn and might not properly maintain digital evidence, Newcomb says.

Putting filtering and monitoring software on kids' computers provides some protection. SearchHelp's Sentry line, for example, blocks Web sites based on keywords and creates a log of visited sites. It also lets parents and other guardians monitor a child's activity from other computers. Parents can be notified of violations via email or cell phone. Sentry also monitors IM conversations, using expertise culled from law enforcement to flag phrases commonly used by predators.

Any Internet Technology professional knows of the limitations of such tools. The filters don't work perfectly, and even if kids post and browse safely, social networking sites present a new set of problems. Profiles on the sites often link to other online information sources, providing the type of data a fixated predator might use to locate a child, such as a school name, says Michelle Collins, a unit director at The National Center for Missing and Exploited Children.

Investigator Newcomb spoke to an auditorium of elementary schoolers in western New York. When he asked kids in the audience how many of them had more than 200 friends on their online buddy list, a bunch of hands shot up.

Out of those, he asked how many have only friends on that list they can put a face to, and half of the hands remained raised.

Finally, he asked if any of the kids had ever gone and met someone they'd got to know online, and a few hands were raised. "That's just totally frightening to me," Newcomb says. "The superintendent looked like his eyes were going to pop out of his head."

It may take a village to raise a child, but in a world of online social networking, decentralized networks and servers, and increasingly tech-savvy child predators, it's going to take a united effort among government, industry, and families to keep them safe. To protect your child, you need an Internet security team of experts making sure that you, your family, and your business computer are always safe and secure.

The best protection you can have in today's rapidly changing world of cyber-attacks is to have expert support for all your Internet security needs that will provide technical support without any hassles and without charging you extra fees. It will become even more critical than it is today as time goes on. You need to find your own personal team of experts to rely on. If you ever have a security problem, you will want to have a trusted expert you can call for professional help, without any hassles and extra costs!

Remember: When you say No to hackers and spyware, everyone wins! When you don't, we all lose.

© MMVIII, Etienne A. Gibbs, MSW
Your Internet Safety Advocate and Educator

A Five-Step Plan to Help You Stay Ahead of Security Attacks, Risks, and Threats

2007-01-02T05:49:00.003-06:00

A Five-Step Plan to Help You Stay Ahead of Security Attacks, Risks, and Threats
Etienne A. Gibbs, MSW, Internet Safety Advocate and Educator
www.SayNotoHackersandSpyware.com/

The University of Georgia network security system fight off 80,000 to 90,000 potential attacks daily. At the Bank of New York, sensors catch millions of security "events" in a month and "we don't even treat the scripts that run out there or worms flowing across the Internet at any point in time as an incident because they are not entering the network," notes Eric Guerrino, the bank's head of information security.

With all the threats floating around in the cyberjungle, how do you sniff out a serious Information Technology security breach? The best defense requires a mix of technology muscle and human interpretive skills. Detection systems are essential tools, but it's up to professionals to make some informed distinctions.

I have put together five steps that you can take under consideration when evaluating your home or business computer systems. These steps will be presented in five parts. Now, let's begin:

Step No. 1: Let the Bells and Whistles Alert You about the Initial Attack

The Bank of New York's incident-response team sizes up threats based on some critical calculations: the probability of imminent attack, the probability that an attack will succeed once attempted and the potential damage of the attack if it proves successful; the location of the potential targets, the host operating systems and their associated vulnerability to the attack; and the sensitivity of the data residing on affected devices.

What gives an organization the best chance to safeguard itself? The critical elements include multiple levels of traditional and emerging security monitoring tools; an analysis system capable of crunching copious amounts of event data; and the ability to process observations from employees and customers.

Firewalls and intrusion-detection systems are the old reliables of detection technology. Standing at the intersection of internal networks and the public Internet, firewalls are the established first barrier to external attacks. Intrusion-detection systems, which joined the security force in the late 1990s, monitor networks for suspicious activity. Intrusion-prevention systems go a step further, monitoring traffic and then initiating an automated response, such as dropping a particular packet of data.

Old-school intrusion-detection systems identify threats based on the signatures of known attacks. But some new threats are too nimble for that: So-called "zero-day" attacks occur at the same time vulnerability is discovered, leaving no time for the creation and distribution of signatures.

To address this, security teams have supplemented signature-based systems with behavior-based detection technologies, which establish a baseline of normal network traffic. The systems then search for anomalous patterns, for example, traffic coming from a network at a time when no one should be using it, helpful in flagging previously unknown types of attacks.

In responding to zero-day exploits, their biggest concern, Bank of New York deploys hundreds of intrusion-detection and intrusion-prevention sensors that record events on a daily basis. Its intrusion-detection/prevention systems shield the bank from the vast majority of exploits, and only a fraction of the events warrant a security-breach investigation.

The University of Georgia also uses an intrusion-detection/prevention combination. The university operates a Security Operations Center that monitors its intrusion systems around the clock and also minds firewalls, virtual private networks and other security products.

Step No. 2: Follow the Threat to Its Source

When an alert shows up on a security manager's console, it's as if someone set off an alarm, says Morrow, the Chief Security and Privacy Officer for Electronic Data Systems Corp. The security group's first question is obvious: Where is the problem? But finding the answer requires ingenuity. There's no single surefire method for finding a security breach and nailing down its scope.

The task is still more art than science. Event logs generated by firewalls and early warning intrusion-detection/prevention systems give security analysts one route of inquiry. And the demand for tools that help correlate the mass of security data held by the various systems is growing. Security experts advise looking at security information and event management software, which helps security managers detect incidents, for clues that may help identify the source of the attack as well.

Security information and event management software rolls up alerts from firewalls and intrusion-detection/protection systems, along with event data from antivirus products, databases, Web servers and elsewhere. It offers two tracks to get to the source. One is its visualization portion, which looks like a large, continuously scrolling spreadsheet and provides some amount of detail on a network attack, detected virus or other event, including the Internet Protocol address of the affected equipment and device name.

The initial information gives a basic sketch of the problem and where it may exist. Every device connected to a network is identified by an Internet Protocol address that can guide security personnel to the general areas requiring investigation. However, there are limitations to this line of inquiry; one is a lack of context. What does the IP address mean? Where is it and who is using it?

The other limitation is that an attack may spoof the IP address. Security analysts thus have to dig deeper into the second source, the event logs, which contain more finely grained detail. They'll be looking for Media Access Control addresses, which identify network nodes, to see if a given IP address is correct and valid, Lawson explains. The logs also will provide details on how an attack progressed through a network. By examining the firewalls and routers and operating systems, analysts can piece together how many Media Access Control addresses, Internet Protocol addresses and routers were targeted in a given incident, Lawson says.

Security personnel need information beyond the alert itself. A good security information and event management system will archive logs from different security devices, routers and operating systems. A security information and event management system's data gives the security team direction; after that, they must still physically find the affected system.

A configuration management database, which holds information about the components of an organization's information-technology infrastructure, can help. By identifying components and their status, the database helps security managers zero in on the source of trouble, though that doesn't mean all devices are easy to find; a laptop plugged into the corporate network by a temporary worker or other visitor will be elusive.

For all the automated sleuthing, a certain percentage of devices will be discovered only by simple hand-on crawling through offices, plugging and unplugging things. When it comes to detecting an attack, human intelligence must support automated systems in determining the scope and severity of an attack. Security managers say they seek out the affected asset's owner.

Determining the appropriate response means taking the attack's venom into account. Besides wanting to know how many systems are affected and the location of the attack, security personnel also seek to determine the insidiousness of the attack. They will want to know if it is a random exploit or a botnet propagating through the network and reporting information back to somebody or some organization through an IRC [Internet Relay Chat] channel. Something like that is much more impactful."

While corporate security groups chase down incursions when they happen, they've tried to become more proactive, looking for and fixing weak spots before attacks occur with the help of vulnerability management tools. Like intrusion-detection sensors and firewalls, these tools may feed into security information and event management systems and configuration engines.

Many organizations scan for vulnerabilities on a regular basis, allowing security personnel to determine which systems are vulnerable to attack and patch accordingly.

Step No. 3: Implement An Incident Response Plan at Home and at Work

When a security incident occurs, it's the information technology security group's job to respond. Among the group's first assignments: Determine whether an alert represents a serious incident or a false alarm. Security managers may call upon internal experts or external help from antivirus vendors and various intelligence services, which provide reports on computer security threats.

UPS subscribes to a number of such services and maintains a strategic relationship with an antivirus vendor. The relationships help UPS stay on top of the threat environment, which puts the company in a position to react ahead of time.

But the knowledge flows in both directions. When UPS discovered a variant of the Zotob worm, the company notified its antivirus vendor. Zotob achieved notoriety in August 2005 when it hit CNN and The New York Times, among others.

An alert that reaches full-blown incident status triggers an organization's response plan-assuming it has one. Security experts say large enterprises typically do maintain some type of formal response plan, though incident response varies widely. Some response plans, governed by extensive steps and checklists, become so choreographed that they are almost restrictive. The other extreme is no choreography, which results in a "mad dance." The best fit? Follow a middle path. The University of Georgia follows established incident-handling protocols, based on documentation from the National Institute of Standards and Technology (NIST) and the SANS Institute.

NIST's Computer Security Resource Center publishes a range of security policy guidelines, some of which touch on incident response. The SANS Institute, in conjunction with the Center for Internet Security, offers the Security Consensus Operational Readiness Evaluation, which seeks to provide a minimum standard for information security procedures and checklists. ISO 17799, which provides guidelines for security management, also covers incident management.

At some organizations, a computer incident response team (CIRT) puts the response plan into action. The corporate security chief generally heads the CIRT, but some companies prefer to tap an experienced outsider to manage response activity, so that one person doesn't wear two hats in a crisis.

The CIRT team consists of I.T. security specialists, either internal or external, and people with other areas of expertise. Miracle says CIRT usually includes desktop gurus, server managers, and help-desk representatives. The CIRT members' responsibilities are determined in advance. "In real time, you can't have people arguing ... that you can't shut that server down," Miracle explains. He adds that some companies hire consultants to help establish roles and get different groups across the organization to buy into the plan.

While the CIRT team may have broad influence, its physical reach may be limited. To address this issue, the University of Georgia's security group has deputized security liaisons in each of the institution's 14 colleges. Each college has a different security parameter, but through the use of institutional policies, standards and processes, the university has been able to set a security baseline. A security liaison also represents the university's administrative users.

For malware cleanup, an organization may choose to reload a fresh software image rather than delete the offending code. More companies choose such "brute-force methods" because they find it less arduous than potentially spending hours cleaning infected files from a system.

Brute force or not, cleanup comes to a halt when an incident calls for a forensics examination. During an ongoing network attack, the organization must decide whether to let the incursion continue to aid its investigation or cut it off to minimize damage. Technology and business leaders must weigh whether the investigative process outweighs the risk to the network.

Sometimes it's strictly a business decision, but criminal cases may involve external authorities such as the FBI, or state authorities.

Because organizations may lack the specialized staff to investigate computer crime, forensics is frequently outsourced. Banks, for example, handle most response tasks internally, but may call in a forensics specialist if an incident looks like something that might lead to litigation. An event such as theft of service could spark a forensics investigation, but could also be treated as an employee matter if the theft occurs internally. Some banks have a retainer-like contract with a forensics services firm that gathers evidence and maintains the chain of custody.

While investigation and remediation activities continue, incident responders, ideally, keep lines of communication open with key constituencies. The CIRT team, for instance, notifies line-of-business managers of a problem so they can inform their customers.

Step No. 4: Dealing Effectively with Corporate Management

Picking up the phone to call the C-level suite ranks as the most delicate part of a security team's communications plan. Discernment is crucial in deciding when and how to inform the powers that be. Top executives need to be in the security loop, but the sky will fall on the security officer who issues one too many false alarms.

False alarm rate to business people has to be low for it to be taken seriously. If a security shop warns erroneously more than twice a year, people tend to ignore the next one. The experience and intuition of the security manager plays a major role along with knowing what is of interest to senior executives and what's not.

The University of Georgia's triage team always assesses the scope and severity of an incident before contacting higher-ups M&T Bank ranks incident severity on a 1-to-4 scale, with Level 1 deemed the most critical. A Level 1 incident must involve at least one of the following: unauthorized disclosure, modification, destruction or deletion of sensitive information or data; disruption of business continuity and critical business processes or communication; an impact on the long-term public perception of the organization; or identity theft of an individual or group.

In response to a Level 1 incident, the manager of the resources involved is instructed to cease use of the resources until the bank's incident response coordinator makes contact and provides further instruction.

At New York Presbyterian Hospital, the priority of an incident rises as a particular segment of a network becomes sluggish, and then escalates up to the point where there is a complete disruption of service which has to be reported. At the health-care facility, any incident that could potentially affect patient care must be communicated upward as well. Incidents all get reported, but not at the level of individual viruses and not every day.

At Pitney Bowes, context counts. An attack involving one application may sound small, but if that application is a key enterprise system that impacts many people, it may become a need-to-know incident. Incidents judged not to rate the C-level executives' immediate attention are periodically summarized and presented to them in a group.

Some security professionals provide an incident summary to a board-level committee of senior executives every six months. The summary includes the number of incidents by category, including unauthorized access, disclosure, usage, or destruction; loss or theft of information or equipment containing information; service disruptions; and copyright or trademark infringements. Incidents are further classified by impact and severity.

To ensure reasonably smooth communication in a crisis, security groups need to open a channel of communication with management. Having an established foundation for dialogue is crucial to the security officer's effectiveness even in the normal course of business, and more so in an emergency, security experts say. Security experts tout a close relationship with the top brass as critical for maintaining a healthy security budget and a corporate culture that values security. There is tremendous turnover among chief information security officers with some former security officers insisting they won't take that assignment again. But some security officers have established solid executive-level ties.

But there are several reasons why C-level executives may ignore the chief information security officer, including lack of trust in the individual and a perception that security manages are "inhibitors or disablers."

Regulatory compliance issues have pulled at least some senior executives into the information-technology security camp. Sarbanes-Oxley, which demands documented risk-management processes, has forged a much closer relationship between the chief financial officer and the security team today than before. When Chief Financial Officers familiarize themselves with their security group's processes and systems and have invested considerably in technology to address risk issues related to information technology security, the close relationship tend to exist.

Security managers, for their part, have been working to build closer links not just to executive management, but to all levels of an organization. Good communications and partnerships within the business as the biggest boons to a successful security strategy. Having liaisons working with a company's technology and software development team helps in maintaining contacts in key business units and subsidiaries. For example, a security group's outreach could be as simple as bouncing ideas for new security policies or technologies off business-unit representatives. The group may also provide assistance in implementing a security system.

Collaboration between the application and security groups means that security controls are embedded in software from the beginning, as opposed to being retrofitted after development. The corporate legal department and public affairs shop are two other groups beyond the C-level that might be notified about incidents.

The corporate groups, in turn, will likely have advice for the security team. The University of Georgia maintains a security advisory council with representatives from the human-resources, legal, internal audit, and public affairs departments. The university's Chief Information Officer also serves on the council, which offers guidance on security policies and standards, and acts in an advisory capacity during an incident.

Tone is important in building cooperation between security and other business units. Information technology security professionals must be good at getting people's attention in a positive way. Further, they must develop positive ways to share information on security issues and explain to the application development team or the information-technology infrastructure team, for example, how those issues may affect them.

Security has this negative connotation that surrounds it and corporate security groups at some companies have a "Big Brother" image. Some groups build consensus rather than dictate security directives because they want the business to see the security team not as a roadblock, but as a security-minded business partner.

The university environment, in particular, demands communication and consensus-building, because higher education is very slow to change. It's extremely difficult to turn that ship around, if they don't want to be turned around. Some security professional find it easier and more productive to foster and build relationships with students, faculty, and staff before trying to do so with department heads.

Step No. 5: Learning From Your Company Security Experience

The follow-up to a security incident typically involves a round of vulnerability assessment. Security groups check to make sure that the remediation efforts truly eradicated the problem and patched the afflicted systems. Different types of attacks call for different recovery procedures. An unauthorized access incident could involve the attacker gaining root access to a system. If that's the case, the recommended course of action is to change all of the passwords on the system, according to the National Institute of Standards and Technology's Computer Security Incident Handling Guide.

But organizations don't always follow all the steps" toward comprehensively recovering and securing a system. Changing all users' passwords in a big organization is a very tedious job and a time-consuming and very intensive manual process. An intruder who gains root access may have obtained administrator-level access to the system.

Security teams usually conduct a post-incident scan with vulnerability assessment tools to ensure that necessary actions, such as applying required patches, have been taken. But security managers say they are continuously scanning anyway to uncover vulnerabilities or violations of security policy.

Vulnerability scans are used to scan desktops, servers, and networking gear for compliance to corporations' security policies. Then the resulting information is used to improve security measures. Some corporations check for gaps in several key areas including system security configuration settings, security patches, antivirus status, personal firewall status, and industry-known vulnerabilities.

Others have customized their security measures to help assess compliance to their acceptable-use policy. The result is an executive-level snapshot in time of whether end users are following policy. They may also bring in an outside analyst every few years to perform a vulnerability assessment.

The University of Georgia runs vulnerability scans and has vulnerability management applications installed on sensitive and critical servers. The vulnerability management applications check configurations or settings on servers and generate a report card, which covers areas such as operating systems level and patch, open vulnerable ports and user accounts.
Some corporations do vulnerability assessment and scans on a regular basis. Scans at UPS are performed by a managed security services provider and may be scheduled on an on-demand basis as a follow-up to an event.

A vulnerability assessment is largely a technical exercise. Enterprises also convene post-incident meetings with representatives from different areas of an organization, which focus on process as much as technology.

Some security group holds an "aftermath party" with the university's security advisory council, including the chief information officer and representatives from the legal, public affairs and HR departments, among others.

The meeting dissects the security team's response to the incident, assessing the effectiveness of processes and procedures. The follow-up meeting also serves as a springboard to spread the word about a given incident, with an eye toward avoiding it in the future.

Security experts point to education as the most important safeguard against future incidents. Some companies ensure their employees undergo security awareness training when they first join the company and annually thereafter. Managers are held accountable to make sure all who report to them have gone through the training.

Sometimes security training crops up in other guises. Sometimes security messaging and data protection messaging are integrated into all of leadership training ands sometimes a company may schedule a security awareness week each year.

Training aims to prevent incidents, but an educated user can also contribute to early detection. Because they'll know what not to do and when to call if they see something out of the ordinary, many serious incidents are prevented.

Education initiatives must be flexible, enabling security groups to take lessons learned from security incidents and fold them back into the training regimen. They also must study changes in attack types and methods and update the curriculum.

Some banks conduct quarterly threat assessments to close existing vulnerabilities and anticipate new exploits. They may review their security posture annually with a third party. Their new understanding of the threat environment is incorporated into training programs for technical people and awareness programs for the rest.

Keeping information-technology departments up to speed on security is another dimension of the security group's education initiative. Application developers, for example, need to incorporate the organizations' latest security principles as they generate code.

Ongoing training efforts help keep security on the front burner, say security executives, who warn that the absence of major incidents tends to lead to complacency. Companies that are not successfully attacked get lax and you have to reinvigorate them. Understanding the hazards and risks and threats of doing business in a networked environment will help employees and companies become much more secure.

Because cybercriminals are becoming smarter and more sophisticated in their operations, they are real threats to your personal security and privacy. Your money, your computer, your family, and your business are all at risk.

These cybercriminals leave you with three choices:

1. Do nothing and hope their attacks, risks, and threats don’t occur on your computer.

2. Do research and get training to protect yourself, your family, and your business.

3. Get professional help to lockdown your system from all their attacks, risks, and threats.

Remember: When you say "No!" to hackers and spyware, everyone wins! When you don't, we all lose!

© MMVIII, Etienne A. Gibbs, MSW
Your Internet Safety Advocate and Educator

Doing Your Part to Keep Your Kids Safe Online

2007-01-01T05:11:00.004-06:00

Doing Your Part to Keep Your Kids Safe Online
Courtesy of Etienne A. Gibbs, MSW,
Internet Safety Advocate and Educator
www.SayNotoHackersandSpyware.com

There are some very positive things that can be found on the Internet. You can connect with friends and family, research information, play games, find jobs and much more. Unfortunately, the Internet can also be a very dangerous place to be. The number of online predators is growing at epidemic rates.

Cyber bullying, child abductions, rape and even murder are a real threat to kids who are not properly taught how to act online. Kids feel safe when they are using the computer because they cannot see or interact with the other person like they would face to face. This causes them to let some of their defenses down and can mean disaster for them and their family.

Some Simple Pointers:

Keep the computer in an open area of the house. This helps prevent kids going to websites that they may have gone to if they had more privacy.
Children will want to have online accounts, but it is always safer not to let them have any at least until they are in high school. If they do have online accounts, have access to it so that you can know who's talking to them.
Trust your children. You can monitor their activities while allowing them to maintain a sense of freedom.
Set limits as to how much time and what sites they can visit.
Maintain open communication with your kids.
Know their friends.

Staying safe on MySpace:

Always remember that everything shared on MySpace is out there for everyone to see. This means that you are sharing private information with people who pose no threat and also with those who could prove to be dangerous.
Never give out your phone number, home address, specific whereabouts, or IM screen names. (Be extremely careful what you post and allow your kids to post on social networking sites. Sometimes predators can determine your location simply by looking at the backgrounds of your posted pictures.)
If there are things you don’t want everyone to know, do not post them on MySpace.
Do not give out information that tells people where you will be at a certain time.

There is nothing more tragic to a parent than the loss of a child. Please, let's teach our kids to be safe online and do our part to ensure their safety.