Cold Temps, Hot Scams
Temperatures are dropping in my corner of the world, signaling another winter is just around the corner. As it gets colder out, we spend more time indoors, connecting ourselves via phone and Internet to the places and people we love. Fraudsters, cons and crooks know this and take advantage of the extra digital traffic to execute their cold, cruel deeds.
Read on to avoid falling victim to these tricks and traps. 


Feet sneakers walking on fall leaves Outdoor with Autumn season nature on background Lifestyle Fashion trendy style
ventVenturing Out to Vote

Election opens floodgates to fraudsters
What an election year we've had in the U.S. 
The United States Capitol American Flag and Bald Eagle with aged textured effect.

With many (including me!) already exercising their right to vote through absentee ballots, the process of electing the next American president is underway. 

This has effectively opened the floodgates for fraudsters adept at using campaign and election-themed tricks to con people out of their money... or their personal data.
Here are a few things to watch out for...
Outdated and unreliable technology in voting systems , creating hack-attack vulnerabilities
Unsubstantiated claims of election tampering (thanks for this pointer, Christina A!)  

dataData Breaches Heat Up

Consumer fatigue and litigious action turn a bad situation worse

Anything connected to the Internet is vulnerable. The virtual explosion of data breaches is clear evidence of that. The financial and reputational damages can be devastating for a victimized organization. Add to that the mounting threat of consumer litigation, and these attacks are quickly becoming one of the largest threats we're facing today.
In one circumstance, a group of  Wendy's customers  is accusing the U.S. based fast food chain of failing to properly protect their payment card information when it suffered an attack on some of its payment terminals. In another, victims of the Yahoo breach have filed claims against the Internet company for neglecting to secure their private information. 

THE TAKEAWAY:  Lawsuits of this type are not likely to slow down anytime soon, and some states in the U.S. will experience more than their fair share thanks to the nature of their court systems. Although the federal court has historically required proof of actual injury to win such a case, some states like California have not been as strict. 

interInternet of Things Brings Down Popular Websites

Hackers flood sites with traffic from IoT gadgets
Sun setting over Herold pond on our farm just a few days ago
Data security and privacy experts are having a big "I told you so" moment right now. Remember all those warnings we've been shouting from the rooftops about the dangers posed the Internet of Things (IoT)? Well, we found out just how dangerous they can be with the distributed denial of service attack (DDoS) that shut down the websites of some very big brands, including Visa, Amazon and Twitter, on Oct. 21.
So what happened?
While this is admittedly an oversimplification, the basics are that hackers found a way to flood DNS service provider, Dyn, with an overwhelming amount of internet traffic. And they used connected devices , such as TiVos, digital cameras and baby monitors, to generate that traffic. 
THE TAKEAWAY: In an as-yet unregulated IoT environment, there are bound to be more attacks like this. Before purchasing any IoT gadget, product or service, be sure you understand the risks and conduct good research on how to keep it secure. Without good security,  hackers can make you an unsuspecting part of a DDoS or another, possibly even more devastating, cyber security attack .

cold Cold-Hearted Viruses Spread Like Wild Fire

Increased indoor time often equals more online time. That equates to more chances of clicking the wrong thing or answering the wrong call. 
Keep an eye out for these this fall...
are Are 'Bundled Up' Neighbors Using Your WiFi?

High-speed moochers could spell big problems for you
couple of dogs in love sleeping together under the blanket in bed
I couldn't believe my eyes when I saw a commercial from a local high-speed Internet service provider. In it, a teenager bragged to his mom about using the neighbor's high-speed connection (presumably without their knowledge). Shocking for an ISP to even plant that idea in the minds of what could be hundreds of thousands!
So what if someone uses my WiFi, you might be wondering. Well, besides the potential to burn up your allowed data transmission for the month, an uninvited WiFi user can create another pretty big-deal problem. What if your neighborhood "mooch" is visiting the kinds of sites that could get you prosecuted, added to a watch list or worse? Web traffic is often monitored by IP address, so any "bad" sites someone visits on your WiFi will create a data trail leading right back to you! (It's how the FBI tracks and finds all manner of bad guys online.)
THE TAKEAWAY:  Putting an end to this kind of surveillance may not be easy, now that at least one judge has said people should have no expectation of privacy on their home PCs. So lock down those WiFi networks, folks!

war Warn Your Friends, Neighbors, Colleagues

Online scams even smart people fall for

There are thousands of different scams people pull online. The reason even smart people get fooled is because the tricksters behind them leverage the reputations of legitimate, trustworthy people and organizations. Sometimes they do this by spoofing the accounts of real people and brands; other times they purchase hundreds of friends/followers to make themselves appear legitimate.
Here are just a couple examples...  
I saw the above post all over my Facebook (on the accounts of people I know and trust). Sadly, many people commented with what appeared to be actual SSNs. Let's hope not!

Another common trick is to take advantage of news headlines. Recipients of phishing emails like the one above think, "Oh yea, I heard something about this," and they click. Coverage of Wells Fargo's recent "insider fraud" scandal may have caused more people than normal to act on this email. (But check out that from address... obviously not really from Wells Fargo!)

SeventhPrivacy Professor On The Road & In the News

On the road again 

One of my favorite things to do is visit with leaders in different industries - healthcare to associations to energy and beyond. 

Below is a schedule of where I'll be over the next few months.

November 10:  (Live Session) " Where's Your Data? Privacy Challenges for IT Leaders ," Data Privacy Asia Conference, Singapore

November 11: (Live Workshop)  "Going Digital? Think Privacy Impact and Security Design," Data Privacy Asia Conference, Singapore
Taking to the air waves

CWIowa Live, a morning TV broadcast, regularly covers privacy and security tips with their guest, the Privacy Professor! Each is a brief 10-15 minutes and covers topics ranging from insider theft to connected vehicles. Check out this online library to watch recent episodes.

Here is my most recent visit to the studio, during which we discussed voting system security concerns. 

In the news

Questions? Topics?

Have a topic I should discuss on the  CW Iowa Live morning show? Or, a question I can answer in my next monthly Tips? Let me know!

First snow, fall 2015
Brrr... can you feel that hard freeze coming? Maybe not. Perhaps where you are it's turning warm... or you're experiencing unseasonably toasty temps. 

Whatever your climate, be prepared for the inevitable trick or trap to come your way. Awareness is an important component, and simply by making it to the bottom of this newsletter, you've proven your committed to learning all you can to stay safe! 

As always, feel free to forward this to others to help them stay aware also.
Have a wonderful, safe November,
Rebecca Herold
The Privacy Professor
Need Help?

Permission to Share

Want to repurpose the information contained in this Tips? Yes, please forward in its entirety. 

If you prefer to use only excerpts, please use this attribution:

Source: Rebecca Herold, Founder, The Privacy Professor┬«,,,, 

NOTE: Permission for excerpts does not extend to images, some of which are my own personal photos. If you want to use them, contact me.
The Privacy Professor
Rebecca Herold & Associates, LLC
Mobile: 515.491.1564

Visit my blog    Follow me on Twitter