authentication: What is Two-Factor Authentication and How Does it Work? - 11/22/19 09:31 AM
There are a number of ways that you can protect yourself online, and one of the things you can do is to start using two-factor authentication.
You probably have seen two-factor authentication even if you aren’t sure what it is. For instance, if you do online banking, your bank might text a code to your phone or email when you try to change the password. This is two-factor authentication. It’s basically just an extra step that confirms that you are the account owner. This makes it more difficult for hackers to get into your account, too. Not only do they need a … (16 comments)

authentication: Be aware of all these Confidence Crime - 07/26/18 07:40 AM
Criminals have a reliance on tricking victims to get access to account information, like passwords. This is known as social engineering, and is also called a “confidence crime.” These come in many forms:
Do Not Take the Bait of These Phishermen
A phishing email that targets a specific person is known as spear-phishing. A spear-phishing email looks like an email that might come from a legitimate company to a specific person. For example, a thief might send a fake email to a company’s employee who handles money or IT. It looks like the email is from the CEO of the company, and … (14 comments)

authentication: 10 ways to beef up Digital Security - 12/15/16 06:09 AM
#1. Keep everything up to date. You know those annoying popups telling you updates are available? Do you ever click out of them? Don’t. Always update at the time these appear.
#2. Two-step verification. Two-step verification or authentication should be set up for all your accounts that offer it. A unique one-time code is sent to the user’s phone or via e-mail that must be entered in the login field.
#3. Unneeded browser extensions? Review your browser extensions. Uninstall the ones you don’t use. Too many extensions can slow down your computer.
#4. Encryption. Encryption software will scramble your e-mail and other correspondence so … (12 comments)

authentication: You need Two-Factor Verification for your Amazon Account - 09/06/16 12:01 AM
If you have a strong password for your Amazon account, you may still want to consider beefing up the security with two-factor verification (or authentication), which will prevent a thief from accessing your account (which is possible if he gets ahold of your password and username somehow).
Log onto your Amazon account. Have your mobile phone with you. Click “Your Account.” Scroll down where it says “Settings—Password, Prime & E-mail.” Click “Login & Security Settings.” Go to “Change Account Settings” and at the bottom is “Advanced Security Settings.” Hit “Edit” there. You are now on the page for setting up two-step verification. … (4 comments)

authentication: Be aware of all these Confidence Crimes - 08/09/16 12:00 AM
Criminals often rely on tricking their victims to gain access to their passwords and other account information. This act of tricking is called social engineering, also known as a confidence crime, and it comes in many forms.
A type of phishing e-mail where the criminal targets someone specific is called spearphishing. The spearphishing e-mail will look very much like the typical company e-mail that the real person uses. Example: The thief sends a trick e-mail (phishing) to a company employee he found on LinkedIn, making it appear to be from the company’s CEO or some other higher-up. The “CEO” requests sensitive … (4 comments)

authentication: Phishing attacks Two-Factor Authentication - 07/28/16 12:14 AM
Hackers bank heavily on tricking people into doing things that they shouldn’t: social engineering. A favorite social engineering ploy is the phishing e-mail.
How a hacker circumvents two-factor authentication:
First collects enough information on the victim to pull off the scam, such as obtaining information from their LinkedIn profile. Or sends a preliminary phishing e-mail tricking the recipient into revealing login credentials for an account, such as a bank account. The next phase is to send out a text message appearing to be from the recipient’s bank (or PayPal, Facebook, etc.). This message tells the recipient that their account is about to … (1 comments)

authentication: How to use two-factor authentication for critical accounts - 10/11/15 11:45 PM
Have a small business? Great. Have two-factor authentication for your accounts? If you’re not sure of the answer to that question, you could be in trouble. October is National Cyber Security Awareness Month, the perfect time to learn more about cyber security. As a small business owner, you certainly have thought about data breaches. They don’t just happen to giants like Target and Sony. The common thread in many data breaches is that the hackers got the password.
Once a hacker has a password, they often can get into the account, even if a username or other information is required. But suppose … (0 comments)

authentication: Go Two-Factor or go Home - 04/12/15 11:11 PM
Logins that require only a password are not secure. What if someone gets your password? They can log in, and the site won’t know it’s not you.
Think nobody could guess your 15-character password of mumbo-jumbo? It’s still possible: A keylogger or visual hacker could obtain it while you’re sitting there sipping your 700-calorie latte as you use your laptop. Or, you can be tricked—via a phishing e-mail—into giving out your super strong password. The simple username/password combination is extremely vulnerable to a litany of attacks.
What a crook can’t possibly do, however, is log into one of your accounts using YOUR phone … (5 comments)

authentication: 5 Habits of Practically Unhackable People - 04/02/15 11:44 PM
At the start of the year, we all made our resolutions for 2015. Now it’s March—how are you doing on your resolutions? If you’ve already broken a few, no worries; New Year’s doesn’t have the monopoly on making goals to better yourself. This is especially true with digital safety. At a time when there are so many security breaches, it’s important to commit to strengthening your digital defenses year-round.
When making goals, it’s important to emulate people who have already mastered what you’re trying to learn. So in this case, what do super secure people do to stay safe online? Intel … (3 comments)

authentication: Fingerprint hacked by a Photo - 01/19/15 09:18 PM
You can’t change your fingerprint like you can change your password. But why would you want to change your fingerprint? The thought might cross your mind if your fingerprint gets stolen.

How the heck can this happen? Ask Starbug. He’s a hacker who demonstrated just how this could happen at an annual meeting of hackers called the Chaos Communication Congress, says an article at thegardian.com. His “victim” was defense minister Ursula von der Leyen.
Starbug (real name Jan Krissler) used VeriFinger, a commercial software, with several photos of von der Leyen’s hands taken at close range. One of the photos … (19 comments)

authentication: Multifactor Authentication trumps knowledge based Authentication (KBA) - 02/12/14 09:46 PM
What is knowledge-based authentication? The KBA design asks the user to correctly answer at least one question, a “secret” only the user would know.

There are two types of KBA: 1) Answering a question that the user has pre-selected (static scheme), and 2) Answering a question that’s determined by garnering data in public records (dynamic scheme).
The idea is that if a question is correctly answered, the person’s ID has been verified.
KBA Flaws
Fraudsters can answer “secret” questions—even those that the user must think hard to answer. But how?
Spear-phishing: gaining access to the public data aggregators by tricking … (1 comments)

 
Robert Siciliano, Realty Security and Identity Theft Expert Speaker (IDTheftSecurity.com Inc) Rainmaker large

Robert Siciliano

Realty Security and Identity Theft Expert Speaker

Boston, MA

More about me…

IDTheftSecurity.com Inc

Address: PO Box 15145, Boston, MA, 02215

Office: (617) 329-1182

Email Me



Listings

Links

Archives

RSS 2.0 Feed for this blog