My Cart  
You haven’t added anything to your cart yet. Once you add an item, you’ll see it here.

Total

Checkout
 

The Internet of Things

Identity Theft News

The Internet of Things

Be aware of the potential privacy implications with internet-connected devices

The “Internet of Things” or “IoT”—have you heard the buzz around it? Do you know what it is?

It is a phrase used to refer to those things that can connect to the internet to send and receive data. The “things” are too many to list but a few examples are:

  • Sensors in a lawn watering system that consider the recent weather conditions to decide when to water or how much.
  • A home lighting system that analyzes your lighting use patterns and mimics them when you are away from home so it’s not obvious to outsiders that you are away.
  • A health/fitness tracking device that records your exercise activity and sleep rhythms.
  • A home monitoring system that allows you to lock/unlock doors and program your thermostat remotely.

One of the thoughts behind the IoT is that life will be enhanced by the ability of the things to share data between devices and with the consumer. But, are there factors related to the IoT that could impact your privacy?

In a recent blog post titled Cool New Tech Devices: What Privacy Risks Are Wrapped Up Under Your Tree?, the Privacy Rights Clearinghouse (PRC) points out that “with people’s lives so connected to the internet, there are numerous potential privacy implications.” The PRC shares these privacy habits to practice with your internet-connected devices:

  • Keep the firmware on your wireless router up to date. Firmware is usually already on a device when you receive it but you should look for instructions on updating the firmware when required.
  • Change the default password assigned by the manufacturer of the internet-connected device. Create a unique password.
  • Use WPA2 encryption and a strong passphrase with your wireless network. WEP encryption is vulnerable to intrusion.
  • Read through privacy policies on devices and opt-out of data collection when you can. Be sure that you are comfortable with what data will be collected and how it will be used.
  • If you have an internet-connect device with a camera but you don’t need to use the camera to use the device, cover the camera lens with a piece of solid tape.

Beyond these basic tips, it is also important to understand the terms and conditions of use of the device and the privacy policy. Opt-out of data sharing when you can. Is there a default privacy setting that is set to “public”? Change it to private.

Consumers will need to keep security in mind and get answers to certain questions about an internet-connect device before they decide to use it. Some of those questions are:

  • What data is collected?
  • Can the data be encrypted?
  • How is the data used?
  • Will the data collected be sold?
  • Can a password be set up on the device?

Like most things, informed decision-making and responsible utilization are vital to beneficial use of an internet-connected device. If consumers take such steps, they will protect their privacy and avoid security lapses that could put their privacy and even their physical safety and identity at risk.

The Internet of Things appears here to stay. The challenge for consumers may be to keep up with the technology.

 

A service of the Investigators of Kroll. These materials are derived from the research and discovery activities of Kroll Fraud Specialists and Licensed Investigators, and have been gathered from personal, historical, and aggregated experience performing specialized restoration services on behalf of Identity Theft victims. While believed to be accurate, these materials do not constitute legal advice, and are not guaranteed to be correct, complete or up-to-date. These materials are provided for informational purposes only.

The New Teen Hangout

August 16, 2017

Social Media: The New Teen Hangout

 

From an early age, parents advise their children to not talk to strangers. That advice may stick with a child who is approached by someone at the park, but a teenager who feels “protected” by a screen may carry on an online conversation with a person they don’t know, especially if the “stranger” is posing as a classmate, a friend of a friend, or someone who shares the teen’s taste in music. If that conversation leads to an in-person meeting, your teen may be in serious danger.

 

IDShield Investigator Tips: Phishing Attempt Not Very Rewarding

July 27, 2017

A few weeks ago, I received an email from Marriott Rewards. Was I getting bonus points? A special offer for a last-minute weekend trip? Or was it something much less rewarding? 

As an expert in cyber security, I’m understandably suspicious of all emails. Phishers have gotten so good at making fake emails look real that it is easy to, at a glance, believe the message is from an individual or organization you have done business with, but there are some things you can look for so you do not take the bait and become a victim. What better way to demonstrate than by my actual example?

The Anatomy of a Phishing Email

This is what I first saw in my inbox:

 

Could Smart Toys Put Your Child’s Privacy at Risk?

July 19, 2017

FBI releases warning regarding privacy concerns for internet-connected toys

The Federal Bureau of Investigation released a public service announcement alerting consumers to the potential dangers of “smart toys,” basically any toy that can connect to the internet. This applies to a range of toys currently on the market that have everything from microphones to cameras to cloud storage of audio, video, and other data collected from users.

The FBI raises concerns about toys negatively impacting your children’s privacy and security.

 

The features and functions of different toys vary widely. In some cases, toys with microphones could record and collect conversations within earshot of the device. Information such as the child’s name, school, likes and dislikes, and activities may be disclosed through normal conversation with the toy or in the surrounding environment. The collection of a child’s personal information combined with a toy’s ability to connect to the Internet or other devices raises concerns for privacy and physical safety. 

 

A Trip to the Pediatrician’s Office May Cure the Sickness, But Could It Put Your Child’s Identity at Risk?

July 11, 2017

By the time children are six years old, they have probably been to the pediatrician more than 10 times for wellness checkups alone. With many children continuing to see their pediatricians through their teen years, these office visits – and the information collected at them – all add up. As a parent, you trust the pediatrician and the office staff to take care of your child’s health, but can you trust that your child’s personal information will be securely protected and kept out of harm’s way? Assuming this has not previously crossed your mind, increasing your level of awareness – just as is done with an annual health check – can help to protect your child’s identity from being compromised and exploited.

Health Care Data Breaches on the Rise

WannaCry Ransomware

May 16, 2017

Over the past 72 hours, a massive ransomware attack occurred affecting businesses, government organizations, and individuals in well over 100 countries. The ransomware – called WannaCry (also called WannaCrypt) – encrypts the victim’s hard drive and demands a ransom, paid in the virtual currency bitcoin, equivalent to approximately US$300. Kroll strongly recommends organizations and individuals take action to reduce your risk and prepare for inevitable future similar attacks.

 

What is Ransomware?

Ransomware is a type of malware; once executed on a computer system, it seeks to encrypt a wide range of files, denying the user access, and effectively holding the files “hostage” in return for a monetary payment – a ransom. It prevents users from accessing their computers, files, or mobile devices by holding them for ransom. Users are typically expected to pay high ransom amounts to get access back to their data. Many times, the ransomware will falsely claim that the user has committed a crime with their computer, and that they are being fined by the police department or a government agency.

 

U.S. Government Data Shows Healthcare Breaches Up 320%

May 11, 2017

Check the pulse of your personal healthcare information

 

When you visit your physician or a healthcare facility, the last thing on your mind is the personal information you are required to share. Where is it going? Who sees your information? What could happen to it? Healthcare providers collect personal data ranging from your name and date of birth, to credit card numbers, medical insurance numbers (which may include your Social Security number), diagnosis information, prescriptions, and medical history.

 

Providers are required to store this information securely, but data thieves know how valuable your personal information is. Despite healthcare providers’ best efforts, they often fall victim to data breaches. That puts your protected health information (PHI) in the hands of hackers and thieves who may use it themselves or sell it for others to use to execute a variety of schemes and crimes.