At PenTeleData, we’re focused on keeping our customers informed. That’s why we publish a quarterly newsletter, send educational emails and communicate via social media. It is our hope that the advice below will educate our customers about the latest online security concerns and other related topics.
Check out our monthly education contests.
- How Secure is YOUR Smart Phone?
- What is an Internet Browser and Why Does it Matter?
- Your Wi-Fi Router is Probably Easy to Hack! What Should You Do About It?
- Identify a Phishing Email
- What is Copyright Infringement?
- What is Online Privacy?
- What is Password Security?
- What is Malware?
- What is 'Choosing a Web Browser'?
- What is a Compromised Email?
- What is Social Engineering?
- Online Shopping
- Emergency Preparedness
- Security Tips for Your Bluetooth Technology
- Wait! No…!! Don’t Open that E-mail Attachment Until You Know that It Is Safe!
- Credit Card Fraud and YOU: How to Avoid Becoming a Victim
- How to Improve the Security of Your Computer
- Data Use
- Cyberattacks and Distributed Denial of Service Mitigation
- Sharing Photos Online
- Social Media and Privacy Concerns
- How will Internet-Connected Personal Assistants Change Privacy in Our Homes?
- What is Identity Theft?
- How to Avoid Spam
- What is Blockchain Technology?
- Get the Most Out of Your Home Wi-Fi Network
- Make It a Scam-free Vacation
- How to Properly Dispose of Electronic Devices
- Know the Basics about Social Engineering
- The Internet of Things and Personal Privacy in a Hyper-Connected World
A smartphone can contain a lot of information that we’d rather keep private, such as text messages, photos, contact lists, phone numbers, and appointments. But is it really private? If it’s lost or stolen, could someone read the information it holds? Do your apps see more details about you than you realize?
Here’s what you need to know:
Back-up your data - According to a June 2013 Consumer Reports survey, 69% of smart phone users don’t do this! In addition to backing up your computer, back-up your cell phone data to save your photos, videos, and other personal content, even in the event that phone is lost or stops working.
Use a screen lock or a strong password to secure your phone – Otherwise, if it’s lost or stolen, anyone can access all of your files
Use strong passwords – A four digit code is better than nothing, but a longer code with letters and symbols is much stronger.
Install an antivirus app – Many of the most popular antivirus software providers offer free and low cost apps to protect your phone from malware.
Choose apps cautiously – Read the privacy notices to learn what personal information developers and advertisers collect, how they use it, how they secure it, and how you can control their access.
Turn off location tracking – All smart phones have a feature, location tracking, which can be used by apps to deliver services tailored to the phone’s current location. Some even post your location to your social media pages. Turn off this feature unless you need it for an application such as mapping.
Consider a remote wipe app – This allows you to clear data without having the phone, just in case it is ever lost or stolen.
Clear out old phones – Before you recycle or sell an outdated or unused phone, remove any memory card, delete sensitive data and restore the factory settings.
Be aware of text scams – Just like using email; don’t click on unfamiliar links within a text. They may download malicious software or lead you to a bogus website.
It's likely that you don't even think about your web browser, the program that allows you to access the entire Internet. You probably just use it; after all, it's a transparent technology.
Still, there are a few things to know. First, it's important to understand the definition of a browser. A browser is the program that you use to access the Internet. It interprets the coding language of the World Wide Web in graphic form, displaying the translation rather than the coding. This allows anyone to "browse the Web", eliminating the need to know commands used in software languages. The first Web browser, called WorldWideWeb, was created in 1990. The name was later changed to Nexus to avoid confusion with the developing information space known as the World Wide Web. The first browser with a graphical user interface was Mosaic. Later, others like Netscape Navigator and Microsoft's Internet Explorer were introduced. Today, some of the most well-known browsers include Internet Explorer, Safari, Chrome, Firefox and Opera. It's like a television and the channel you watch - the television is named after the company who manufactures it and the channel is named separately.
Just like an older television cannot display the newest broadcasts correctly, older browsers may not display new web standards as they are intended. Luckly, most new browsers automatically install updates to stay fast and secure. For detailed instructions about how to change or choose your default web browser, visit our customer Help Desk at www.ptd.net/index.php/how-to-change-or-choose-your-default-web-browserFIX.
No matter what default browser comes on your computer or smartphone, you can change it. Just be sure to compare security, features, speed, compatibility with your operating system and support options. Since most are free, consider trying them out to see which you like the best.
Recently published reports have uncovered critical security vulnerabilities that could be exploited and lead to unauthorized remote control of wireless routers. Basically, if the router becomes compromised, the hacker can gain access to the firewall along with the ability to retrieve credit card numbers, confidential documents, passwords, photos and more.
There are three well-known types of attacks:
- Attacks can be launched directly against the router without access to credentials.
- Human activity that allows unauthenticated attacks, which require following a malicious link or browsing an unsafe page.
- Authenticated attacks, which require the attacker to have access to credentials or that the victim is logged on with an active session.
Unfortunately, there is no fool-proof way to prevent an attack, but here are some common-sense steps that can help:
- Follow the manufacturer’s directions to properly set-up your router.
- After installing a new router, update the firmware. Continue to access updates on a regular basis, since they are usually not automatic.
- Change the router’s default username and passwords. Make them something unique and complicated. (Please note, some router firmware will not allow you to change the username, so this may not be an option.)
- Clear the browser cache and cookies after changing any router setting.
- Use WPA2 security protocol instead of WEP. WEP works by using secret keys or codes to encrypt data. It is defined as the 802.11 standard and aims to provide security by encrypting data over radio waves as they are transmitted from one point to another. Since the same codes are generally used for long periods of time, they can be hacked more easily. WPA2 is the latest implementation of WPA, and offers a higher level of assurance that only authorized users can access the wireless network. It is based on 802.11i standard and provides government grade security. The type of security you use is dependent upon the wireless router vendor, so reference the user manual for your router.
- While Wi-Fi Protected Setup provides an easy to use WPA2 configuration, it has its own flaws. It is recommended that WPS be turned off to avoid leaving a potential vulnerability open to the public.
- Turn off remote administration.
- Avoid questionable links and websites.
When you receive an email that appears to be from your bank, Internet provider or any other service provider, it may be phishing. Phishing allows criminals to use your personal information for their own benefit or profit. That’s why it’s important to look for clues to identify whether the message is legitimate or a scam.
Look out for these details:
- A message from PenTeleData or most other reputable companies would not come from hotmail or another free email account.
- A logo can make the message look authentic, but anyone can copy and paste an image.
- Don't be fooled just because the sender uses your real name. The message can still be from a stranger across the street, across the country or around the world.
- An informational email will not ask you to respond. Phishers generally create a sense of urgency for you to reply.
- Click-on links can be misleading. In other words, they may not direct you to the website they appear to represent. A hyperlink is a word, group of words, or image that you can click on to jump to a new webpage, document or a new section within the current document. Unless these are clearly stated addresses (and even they can be deceiving), never click on a hyperlink.
- Misspelled words and grammatical errors are often an immediate tip-off that the message is likely a phishing attempt.
- No respectable organization or company will ask you for your social security number, account numbers, password, or date of birth in an email.
- If the message does not contain alternate contact information, such as a telephone number, that matches your credit card or billing statement, it is likely a scam.
- The URL should match any links in the email. They should reference the same domain name, without any misspellings.
When was the last time you watched a DVD? Purchased a CD? Whether it was music or video, it probably contained an FBI warning. Copyright protects the value of creative work, and any unauthorized reproduction or distribution is breaking the law.
As an Internet provider, PenTeleData receives notification of these infringements on a regular basis, and we are required to follow-up on each occurrence. It's a time consuming process, and most often, the response from our customers is the same: "I didn't know that I had done something wrong." Still, it's an age-old crime: stealing. When using the Internet, there isn't a warning that tells you that your actions are illegal, but the law still applies. Federal law allows for severe penalties, including loss of your Internet service.
Fortunately, knowledge is power, and the following information can save you from committing a crime:
- Copyright law protects literary works, paintings, photographs, drawings, films, music, choreography, sculptures and many other things. (Basically, if someone created it, they deserve the credit and proceeds.)
- If you copy or distribute copyrighted work, you can be prosecuted in criminal court and/or sued for damages in civil court.
- It is illegal to download unauthorized copies of any copyrighted material – even if you don't intend on sharing it or passing it along to others.
- Peer-to-Peer networks allow Internet users to link their computers with other computers around the world. If you allow a file-sharing network to use part of your computer's hard drive to store copyrighted material that anyone can access and download, it's illegal. File Sharing is the distribution of data (documents, music, videos, images, e-books or any other digitally stored information) through the use of a peer-to-peer network, email, etc.
- Torrent or bit torrent is very similar to other P2P programs (like LimeWire, Kazza etc.). Torrents integrate themselves into your web browser (example: Internet Explorer, Firefox, Safari etc.) and create a new file type ".tor" (abbreviated for torrent) within the Windows operating system, similar for the Macintosh operating system. When finding a file that you wish to download, the download will initially start as a small file but then builds itself from other users around the globe until your download is complete. While you are downloading, other users begin to connect to you and get file chunks from you. This is still copyright infringement!
- Parents: Make sure that each member understands that copyright infringement is a serious matter. As the owner of the Internet account, you are responsible for the illegal activity of anyone who uses your service.
Have you used a grocery store card or savings card today? Have you used a key word to search for something on the Internet? If so, then your data is probably being used by someone for tracking or marketing purposes.
Many recent news headlines have focused on privacy and how companies, especially web browsers and social media providers, are using the information they gather. The government has even gotten involved, with the Federal Trade Commission working on new, tighter restrictions to regulate what companies can and cannot collect and use. Although progress is being made on a do-not-track tool, advocacy groups have voiced opinions ranging from praise to criticism. Some believe that the FTC recommendations could stifle the efficiency and innovation that consumers want from the Internet and cite concerns over the economic impact the rules could cause. Others believe that even stricter action needs to be taken as quickly as possible. The disagreement means that enforceable guidelines could take a while to become final.
In the meantime, there are some steps that you can take as this journey evolves for both consumers and businesses alike. Over time, the general perception of what might be acceptable has changed. Just a decade ago, it was somewhat unsettling to post a personal picture on the Internet. Now it's very common. Still, most consumers have three main concerns: disclosure or misuse of personal information, identity theft, and intrusion of privacy. Ultimately, the key is to decide how much you and your family are willing to share. Then, make informed choices about how your information is accessed and used.
Here are some helpful tips:
- Most social media websites allow you to control your security settings. Be sure to customize these options so that you decide who can see your personal information and posts.
- Pay attention to cookies. Have you ever noticed that some of the ads you see online seem to be targeted to you? That's because they probably are. A cookie is information that is saved by your web browser and used by companies that collect, store and share information about your online activities. They can also be used to customize your browser experience. This can be very beneficial or questionable, depending on your point of view. For example, first-party cookies are placed on the site when you visit to make your experience more efficient. Than help sites remember the items in your shopping cart, your high game scores, your preferences (like the weather in your home town), or remember your log-in name. Third-party cookies are placed by someone other than the site you are visiting. These may include an advertising company that delivers the ads you see. If you read an article about a specific topic, that company may note your interest and add that to a profile. Later, you'll likely see a coupon or advertisement that relates to the article you read. Different browsers use different cookies, so you may want to consider using the browser that suits your preferences best. To check the settings, use the 'Help' tab or check in the 'Tools' tabs for options or privacy. This may allow you to change your settings to block, delete or control cookies. You can also consider software from a trusted source that can control what cookies are stored and deleted on your computer.
- Keep your browser updated. An out-of-date browser leaves you vulnerable to malware that can collect sensitive data.
- Think about a Do-Not-Track feature for your browser. Some browsers and third-party applications offer a plug-in to tell websites that you don't want to be tracked. Still, be aware that there is no guarantee that companies will honor your request.
- Clear your memory cache after browsing.
- Consider whether or not you really need to 'sign in' on a website. When you set-up an account and sign-in to browse or make a purchase, that website can track your actions, including your address, what you buy, what you've viewed, and more. When you do choose this option, be sure to use a strong password.
Whether you're banking or shopping online, doing research or social networking, you need account passwords. Unfortunately, the more details you share, the easier it is for cybercriminals to use your information. One way to help keep your personal details safe is to choose strong passwords.
Do not use personal information in your password.
Using personal information as part of or as your entire password is a security risk. It is very easy for someone to guess things like your last name, pet's name, birthdates of family members, phone number, and other similar details.
Avoid using real words as your password.
There are hundreds of tools available to help attackers guess your password. With today's computer power, it does not take long to try every word in the dictionary and gain access to a password.
Be sure that your password is secure.
You can make a password more secure by using a combination of characters. Use some uppercase letters along with lowercase letters, numbers, and even special characters such as '%' or '@'. (Example: C@mpuT3r).
Choose longer passwords.
While it stands to believe that any password created would be secure enough and nobody should be able to gain access to it, shorter passwords are easier to remember and to decode. Though longer passwords can be harder or more cumbersome to remember for you, it will also be harder for anybody else to remember, decode, or guess. With PenTeleData, your password must be more than 6 characters long, but less than 30 and contain one number or special character.
Don't recycle your passwords.
Though very tempting, reusing passwords is a security risk to your account and/or personal information. If another person does get hold of your password, it is quite possible that they will try to use it on hundreds of other sites to try to access your information.
Use caution when saving your password.
Most current web browsers have features to save your password for later visits. If you are not the only person who uses the computer, you may not want to save your password. Anyone with physical access to that computer will then be able to access your personal information. This is especially important for public computers such as libraries, Internet Cafés, etc.
Change your passwords often.
For maximum security you should change your password(s) often. It is recommended that you keep the same password for no longer than 6 months to ensure adequate security of your account. Also, depending on your Internet habits (example: Internet Cafés, public library computers, etc.), you may wish to change your password even more frequently.
Removing malware can be difficult. Preventing it from happening is much easier.
Malware, short for malicious software, is used to describe any software that was created with bad-natured intent. Some malware is intrusive and cause serious problems with your computer. Other malware can secretly steal information and send it to the designer.
There are many types of malware. Some of these include viruses, network worms, Trojans, spyware and rootkits.
How does malware spread?
Malware is distributed through the Internet. Some are downloaded from websites; others are distributed through email as an attachment or as a hyperlink. When malware infects the computer, it can spread by sending itself to contacts stored on the computer. In fact, it will often install on a computer and tell the user to download an anti-malware program. Then, it will repeatedly tell the user to download updates or other programs which are almost always additional malware.
How can you protect your computer from malware?
Since the best defense is not to be infected at all, avoid websites that host illegal content, such as pirated software or movies. Also, avoid clicking on links in email and instant messages, even if you know the person who sent the link. And last, but certainly not least, use a trusted anti-virus program and be sure to keep it up-to-date.
How can you remove malware that has already infected your computer?
Once a computer has been infected with malware, anti-virus software is often the only way to remove the infection. In some cases, malware can damage the computer so badly that it must be reformatted by removing and reinstalling the operating system.
Google's Chrome, Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Opera, and others – they're all trying their best to earn your desktop. Perhaps you've never even given it any thought, and just use whatever browser was on your computer when it was purchased. So how should you choose?
First and foremost, whatever browser you choose should be up-to-date. The newest versions, as mentioned above, are equipped with the latest technology and features to simplify, speed-up, and boost your Internet experience. More importantly, anything old is a security risk. Here are some factors to consider:
Security - The best browsers protect against pop-ups, viruses and phishing. They should also allow you to clear personal information, including your search history. Some even offer a "do not track" option for users to block websites from gathering information.
Features - With a goal of faster and easier Internet, browsers offer features like integrated search engines, tabbed browsing and thumbnail previews. Find out which ones have the benefits most useful to you.
Support - Does the browser you choose offer support through email, FAQs, tutorials or phone? Although many browsers are free, it's helpful to have customer support if a problem does arise.
Compatibility – Your browser must work well with your operating system. For example, Windows Internet Explorer 9 does not work with some older versions of Windows, but Firefox 4 does.
Choosing Virus Protection Software
A virus is a very small computer program capable of embedding itself into files and/or computer programs. There are several types of viruses, some are very simple but yet annoying, while other, more advanced viruses will attempt to crack passwords, spam a network generating thousands of emails, install key loggers, etc. If you are on a network and you open an unsafe attachment, very good chance that you are transmitting the virus throughout the network.
In today's connected world, good virus protection is essential to protect your computer. Just as important as installing anti-virus software, is to keep it current, including purchasing the annual subscriptions. There are several options on the market, but most carry all the same benefits. Although no anti-virus software can protect your computer from all threats, here are some questions to ask when it's time to choose the one that's best for you:
Product compatibility – Is the software compatible with your current operating system?
Real-time scanning – Does it monitor system activity at all times for the presence of viruses, checking each file when it is accessed? This is a very important basic function of a good anti-virus program.
On demand scanning – Does it check every file for a good assessment of your computer at that single point in time? These should be scheduled to run on a regular basis.
Virus removal tools – If malware is found, does the program have the tools to remove it?
Product upgrades and virus definition updates – Are updates continually provided to stay safe from the most current threats?
Telephone and/or Online Support – What kind of support is available if you need it? Is there a charge for help?
Spyware – Does the program have the added advantage of protecting you from spyware?
Extra features – Are there any extra features, like identity theft protection or advance alerts before you click on a potentially harmful file?
Reputation– What do others have to say about the product you are considering? Talk to family or friends and look online for reviews about performance and reliability.
Cost – Does the price fit your budget? Many reputable programs are free, but may contain advertising in lieu of payment. Make sure that the package you choose offers all of the protection and features that you'll need.
Hopefully you've never been the owner of a compromised email account. If you have, then you already know how frustrating it can be.
At PenTeleData, when we notice that an email account has been hacked/compromised, that means that someone likely has unauthorized access, so it becomes necessary to stop that account (and the criminals) from causing further damage to our network or gaining access to other email accounts. The only way for us to isolate the incident is to suspend service to that email address. Understandably, this can make affected customers very angry. It's a no-win situation. We certainly don't want to upset our customers and customers don't want to be without service, but there's really no better way.
Luckily, we can all work together to keep these hacked emails from happening. The most common culprits are virus or malware infection, phishing, weak passwords or shared passwords. While each of these may sound somewhat simple or harmless, they're not.
At PenTeleData, we run anti-virus and anti-spam systems to help protect against phishing, viruses, SPAM, and malware on our email servers. We have host and network intrusion detection systems to identify and prevent our servers from getting hacked. We also maintain firewalls and keep server software and/or Operating System patches up to date.
It's VERY important for our customers to help too. First and foremost, make sure that you're using current virus protection software and a current operating system on your computer. Then, create strong passwords and don't share them with anyone. Last, beware of any email or pop-up box that asks you to provide personal information.
We also recommend changing your passwords frequently. To change your PenTeleData email password, go to our webpage, www.ptd.net. Click on the "Account Management" link (This is located on the top right side of our page, under the heading of "PenTeleData Customer Tools"). When prompted, log in with your email name and password (this page may open in a new window). Click on the "Change Password" link and follow the prompts to change your password. Then, log out of Account Management and close the window.
So you already have up-to date virus protection and a firewall on your computer, locks on your home or business's windows and doors, and maybe you even have a security system with all the important alarms and alerts. No one has unauthorized access to your information, right? Not necessarily. Social engineering is on the increase, so it's important to understand what it is and how to avoid becoming a victim.
Social engineering is basically the "art" of getting people to drop their guard and reveal details or access that they'd usually refuse. An attacker uses human interaction, that is, their social skills, to obtain information. They may seem unassuming and respectable, but by asking questions, they may be able to gather enough details to steal an identity, access bank accounts, enter your home or workplace, or many other devastating scenarios.
Be Skeptical to Avoid Becoming a Victim:
- Be very leery of unsolicited phone calls, visits, or email messages that request any type of personal or confidential information. Even if someone seems to know about you, your family or your employer, they could have obtained those details from a social networking site. For example, did someone post vacation pictures, the results of a ball game, or your spouse's name? Criminals can use small details to make you believe they are safe.
- Do not give sensitive information to anyone unless you are sure that they are indeed who they claim to be and that they should have access to the information. NEVER share passwords, Personal Identification Numbers (PIN) or access codes.
- Do not provide information about your employer, including its employees or networks, unless you are certain of a person's authority to have the information.
- Do not reveal personal or financial information in email, and do not respond to email solicitations.
- Don't send sensitive information over the Internet before confirming the website's security.
- If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check your previous statements for contact information.
What if you think you might already be a victim of Social Engineering?
- If you believe you might have revealed sensitive information about your employer, report it to management. They can contact the appropriate staff to be on alert for suspicious or unusual activity.
- If your financial accounts may be compromised, contact your financial institution immediately and watch for any unexplainable charges to your account.
- Change your passwords and make sure that you DO NOT use the same password for multiple resources. Be sure not to use the compromised password in the future.
- Watch for other signs of identity theft, such as missing mail, errors on your credit report, or unexpected phone calls about money owed.
- Consider reporting the attack to the police and file a report with the Federal Trade Commission.
Online shopping can be much easier than dealing with crowds and traffic, but there are some important security tips to keep in mind.
These simple steps can help ensure that you are shopping on a safe and trustworthy website:
- Look for third party seals of approval, such as the Better Business Bureau Online and TRUSTe. These should be clearly posted and link to the organization that created them. Be wary of reputable merchants that use the seals without permission.
- Keep your browser updated and consider a filter that warns you of suspicious websites.
- Find out what other shoppers have to say by reading evaluations on sites such as Epinions.com or BizRate. Customer evaluations can help you determine a company's legitimacy.
- Record the details of your purchase and delivery terms to make sure that you receive what you expected.
- Check for the lock icon or "https:" in the web address to ensure the site uses a secure connection to collect payment information.
- Don't let the site store your credit card information.
- Read the site's privacy, return and refund policies before you make a purchase.
- Pay by credit card. Most credit card companies offer extra protections including extended warranties and protection against loss or theft.
- Never disclose your social security number to online merchants.
- Finally, enjoy your holiday! These simple steps will make it much more likely that there will be problems with your online purchases!
Internet and data connections have become mission critical for many homes and businesses. At PenTeleData, we've been proactively planning for outages for many years now. We've instituted a rigorous schedule of preventative maintenances, during which time all generators are load tested, batteries in UPSs and DC plants are tested and environmental controls are inspected. It's a constant work in progress, but please be assured that the reliability of your service is our top priority.
It's important for households to prepare for emergencies too. Since your family may not be together when a disaster strikes, you'll want to plan for a variety of situations. The following are suggestions from the FEMA website www.ready.gov.
- Build an emergency kit that includes the following items: water, one gallon of water per person per day for at least three days, for drinking and sanitation; food, at least a three-day supply of non-perishable food; battery-powered or hand crank radio and a NOAA Weather Radio with tone alert and extra batteries for both; flashlights and extra batteries; a first aid kit; a whistle to signal for help; dust masks to help filter contaminated air and plastic sheeting and duct tape to shelter-in-place; moist towelettes; garbage bags and plastic ties for personal sanitation; a wrench or pliers to turn off utilities; a manual can opener for food; local maps; a cell phone with chargers, inverter or solar charger.
- Prepare yourself and your family for a disaster by making an emergency plan. Remember to address the care of pets, aiding family members with access and functional needs and safely shutting off utilities. You may also want to inquire about emergency plans at work, daycare and school. If no plans exist, consider volunteering to help create one.
- Learn how to send updates via text and internet from your mobile phone to your contacts and social channels in case voice communications are not available. Text messages and the internet often have the ability to work in the event of a phone service disruption.
- Program "In Case of Emergency" (ICE) contacts into your cell phone so emergency personnel can contact those people for you if you are unable to use your phone.
- If you have a traditional landline (non-broadband or VOIP) phone, keep at least one non-cordless receiver in your home because it will work even if you lose power.
- Prepare a family contact sheet. This should include at least one out-of-town contact that may be better able to reach family members in an emergency.
- For non-emergency communications, use text messaging, email, or social media instead of making voice calls on your cell phone to avoid tying up voice networks.
- Store your important documents such as personal and financial records in a password-protected area in the Cloud or a secure flash or jump drive that you can keep readily available.
- Refer to emergency resources like the National Weather Service at www.weather.gov and the American Red Cross at www.redcross.org.
Security Tips for Your Bluetooth Technology
Even if you don’t already use Bluetooth technology, chances are good that you’ve heard or seen someone who does. One example is that person in the grocery store who appears to be talking to himself, that is, until you notice the small earpiece attached to the side of his head.
Bluetooth is a widely-used technology that allows devices such as mobile phones, computers, storage devices, wireless keyboards and other interactive devices to communicate with each other without cables or wires. It is an electronics "standard," which means that manufacturers that want to include this feature have to incorporate specific requirements into their electronic devices to ensure that the devices can recognize and interact with other devices that use the Bluetooth technology.
It is possible to configure Bluetooth technology to be reasonably secure, but if someone can "discover" your Bluetooth device, he or she may be able to send you unsolicited messages or use your Bluetooth service, which could cause you to be charged extra fees. Worse, an attacker may be able to find a way to access or corrupt your data.
How can you protect yourself? The United States Computer Emergency Readiness Team, a part of the U.S. Department of Homeland Security, offers the follow tips on their website:
•Disable Bluetooth when you are not using it - Unless you are actively transferring information from one device to another, disable the technology to prevent unauthorized people from accessing it.
•Use Bluetooth in "hidden" mode - When you do have Bluetooth enabled, make sure it is "hidden," not "discoverable." The hidden mode prevents other Bluetooth devices from recognizing your device. This does not prevent you from using your Bluetooth devices together. You can "pair" devices so that they can find each other even if they are in hidden mode. Although the devices (for example, a mobile phone and a headset) will need to be in discoverable mode to initially locate each other, once they are "paired" they will always recognize each other without needing to rediscover the connection.
•Be careful where you use Bluetooth - Be aware of your environment when pairing devices or operating in discoverable mode. For example, if you are in a public wireless "hotspot," there is a greater risk that someone else may be able to intercept the connection than if you are in your home or your car.
•Evaluate your security settings - Most devices offer a variety of features that you can tailor to meet your needs and requirements. However, enabling certain features may leave you more vulnerable to being attacked, so disable any unnecessary features or Bluetooth connections. Examine your settings, particularly the security settings, and select options that meet your needs without putting you at increased risk. Make sure that all of your Bluetooth connections are configured to require a secure connection.
•Take advantage of security options - Learn what security options your Bluetooth device offers, and take advantage of features like authentication and encryption.
Wait! No…!! Don’t Open that E-mail Attachment Until You Know that It Is Safe!
The United States Computer Emergency Readiness Team, a part of the U.S. Department of Homeland Security, offers the follow tips on their website at
Why can e-mail attachments be dangerous?
Some of the characteristics that make e-mail attachments convenient and popular are also the ones that make them a common tool for attackers:
- E-mail is easily circulated - Forwarding e-mail is so simple that viruses can quickly infect many machines. Most viruses don't even require users to forward the e-mail—they scan a users' computer for email addresses and automatically send the infected message to all of the addresses they find. Attackers take advantage of the reality that most users will automatically trust and open any message that comes from someone they know.
- E-mail programs try to address all users' needs - Almost any type of file can be attached to an e-mail message, so attackers have more freedom with the types of viruses they can send.
- E-mail programs offer many "user-friendly" features - Some email programs have the option to automatically download e-mail attachments, which immediately exposes your computer to any viruses within the attachments.
What steps can you take to protect yourself and others in your address book?
- Be wary of unsolicited attachments, even from people you know - Just because an e-mail message looks like it came from your mom, grandma, or boss doesn't mean that it did. Many viruses can "spoof" the return address, making it look like the message came from someone else. If you can, check with the person who supposedly sent the message to make sure it's legitimate before opening any attachments. This includes email messages that appear to be from your ISP or software vendor and claim to include patches or anti-virus software. ISPs and software vendors do not send patches or software in email.
- Keep software up to date - Install software patches so that attackers can't take advantage of known problems or vulnerabilities. Many operating systems offer automatic updates. If this option is available, you should enable it.
- Trust your instincts - If an e-mail or e-mail attachment seems suspicious, don't open it, even if your anti-virus software indicates that the message is clean. Attackers are constantly releasing new viruses, and the anti-virus software might not have the signature. At the very least, contact the person who supposedly sent the message to make sure it's legitimate before you open the attachment. However, especially in the case of forwards, even messages sent by a legitimate sender might contain a virus. If something about the email or the attachment makes you uncomfortable, there may be a good reason. Don't let your curiosity put your computer at risk.
- Save and scan any attachments before opening them - If you have to open an attachment before you can verify the source, take the following steps:
- Be sure the signatures in your anti-virus software are up-to-date.
- Save the file to your computer or a disk.
- Manually scan the file using your anti-virus software.
- If the file is clean and doesn't seem suspicious, go ahead and open it.
- Turn off the option to automatically download attachments - To simplify the process of reading e-mail, many e-mail programs offer the feature to automatically download attachments. Check your settings to see if your software offers the option, and make sure to disable it.
- Consider creating separate accounts on your computer - Most operating systems give you the option of creating multiple user accounts with different privileges. Consider reading your e-mail on an account with restricted privileges. Some viruses need "administrator" privileges to infect a computer.
- Apply additional security practices - You may be able to filter certain types of attachments through your e-mail software or a firewall.
It’s no secret: Cybercriminals continue to be a threat to information that was once considered private. Whether the threat is from a group or within an organization, breaches are no longer a matter of “if”, but rather “when”.
According to the Trustwave® 2013 Global Security Report, here is what cybercriminals targeted most in 2013:
Customer Records (Payment Card Data, Personally Identifiable Information, E-Mail Addresses) – 96%
Confidential Information & Intellectual Property– 2%
Electronic Protected Health Information – 1%
Business Financial Account Numbers – 1%
The primary data type targeted by attackers was cardholder data. There is a well-established underground marketplace for stolen credit card data and numbers can be bought, sold, and used very quickly. So what does this mean to you, as an individual, and what can you do to avoid becoming a victim of credit card fraud? Don’t be paranoid, but be aware. Here are some other helpful tips:
- Shop with companies that you know and that have a solid reputation. Always determine the company's return and refund policy before you place an order.
- Create strong passwords.
- Never give your credit card information via email. It will not be secure.
- Never lend credit cards to someone else or write down the numbers on a piece of paper.
- Never give a credit card number over the telephone, unless you have initiated the transaction and know without a doubt that the business you have called is reputable.
- Never sign a blank receipt. Draw a line through any blank spaces above the total and keep copies of your receipts to compare with the transactions on your monthly billing statements.
- Review credit card statements every month. Contact your creditor in writing about any questionable charges as soon as you notice them.
- Be cautious if you're asked to provide personal information, such as your Social Security Number. It is rarely necessary and should raise a red flag.
- When making a payment over the Internet, use only a secure web browser. Watch for the lock icon and/or “https” in the address bar. These can indicate that your payment information will be encrypted (scrambled) in transit.
- Keep your eye out for scams. If something doesn’t seem right, trust your instincts.
Maybe you recently planned to purchase a new computer or plan to do so in the near future. Congratulations! It’s an important purchase. Even if you were able to hook it up and use it right out of the box, that doesn’t mean that you should. In fact, there are a few steps you should take to protect your identity and your purchase.
Most of us rely heavily on our computers for banking and bill paying, connecting with friends and family, shopping, surfing the Internet and more. We trust them with our personal information and assume that they’ll always be secure from any damage or harm, but that’s not always true. Attackers can infect computers with malware or malicious software, taking advantage of unsafe user practices, find flaws in your programs to exploit, spread malware, access your information, and change the configurations on your computer for their own benefit.
BE SECURE: Here are some steps you can take to reduce the risks:
Beware of unnecessary default features and software. Intruders can attack your computer by exploiting software weaknesses (vulnerabilities), so it makes sense to know what you have and disable any nonessential services. If these services are enabled in your operating system, disable them only if you don’t use them. Research any services you aren’t sure about before you disable or modify them, because many are critical to your computer’s operation.
Exercise caution when providing personal information, opening email attachments and clicking on untrusted links. Phishers are often the originators of spam e-mail messages—especially the ones that mention a problem with one of your accounts and ask for personal information to deal with some urgent issue. If you receive an e-mail like this, attempt to confirm the validity of the message. You can do this by picking up the telephone and calling the organization or business in question or by visiting their official website. DO NOT click any links in the questionable e-mail message and DO NOT give the sender of the message any personal information.
Safeguard your router. Follow the manufacturer’s directions to properly set-up your router and update the firmware. Continue to access updates on a regular basis, since they are usually not automatic. It is also important to change the router’s default username and passwords. Make them something unique and complicated. (Please note, some router firmware will not allow you to change the username, so this may not be an option.)
Enable and configure a firewall. A firewall is a piece of hardware or software that acts as a protective barrier between a computer or network and the Internet. Its primary purpose is to control access to the protected computer(s) or network(s). The term firewall comes from the manner in which the firewall divides a network (the Internet is essentially a very large network) into smaller sub-networks, confining any damage and controlling access to one segment of the network just like a fire door or firewall confines a fire to one area of a building.
Create strong passwords and change them at least every six months. Avoid using real words or personal information. Choose a longer password over a shorter password and don’t use the same one for multiple sites. Use some uppercase letters along with lowercase letters, numbers, and even special characters such as ‘%’ or ‘@’. (Example: C@mpuT3r)
Use current antivirus and antispyware software. In today’s connected world, good virus protection is essential to protect your computer. Just as important as installing anti-virus software, is to keep it current, including purchasing the annual subscriptions. There are several options on the market, but most carry all the same benefits.
Review your security settings, especially on social media accounts. Most social media websites allow you to control your security settings. Be sure to customize these options so that you decide who can see your personal information and posts. Pay attention to cookies. Have you ever noticed that some of the ads you see online seem to be targeted to you? That’s because they probably are. A cookie is information that is saved by your web browser and used by companies that collect, store and share information about your online activities. They can also be used to customize your browser experience. This can be very beneficial or questionable, depending on your point of view. For example, first-party cookies are placed on the site when you visit to make your experience more efficient. Than help sites remember the items in your shopping cart, your high game scores, your preferences (like the weather in your home town), or remember your log-in name. Third-party cookies are placed by someone other than the site you are visiting. These may include an advertising company that delivers the ads you see. If you read an article about a specific topic, that company may not your interest and add that to a profile. Later, you’ll likely see a coupon or advertisement that relates to the article you read. Different browsers use different cookies, so you may want to consider using the browser that suits your preferences best. To check the settings, use the ‘Help’ tab or check in the ‘Tools’ tabs for options or privacy.
Enable automatic updates. Unless you diligently keep tract of operating system updates on your own, allowing automatic updates is an easy way to make sure that you have the most recent security patches.
What is Data Usage?
Wouldn’t it be nice if we could pay one set price for all the heating oil (or wood pellets, electricity, kerosene, natural gas, etc.) we could use for a month or a season? That way, no matter how brutal a winter, we wouldn’t have to worry about any additional costs to heat our homes. It sounds like a perfect scenario, doesn’t it?
But, what about the person with an 800 square foot home. Should they have to pay the same as the person with a 4,000 square foot home? What about the person who turns the thermostat up to 80 degrees while someone else keeps their home at 64 degrees? What if the price of fuel rises drastically mid-season? Who should absorb that cost – the supplier?
Overall, that plan just couldn’t work. The same is true for data. Data usage is the measurement of information that is sent and received by an electronic device. In other words, the amount of information downloaded or uploaded through an Internet connection, including streaming videos and music, downloading webpages, online gaming and more. Network resources are not unlimited, so PenTeleData manages our network and policies to deliver the best possible Internet experience to all customers. This means setting data usage limits based on a customer’s chosen service. Fortunately, almost all customers stay well within these limits without even trying.
Here are some usage estimates:
• Web Surfing for one hour = 18 MB
• Average Email size (without attachments) = .02 MB
• Online Gaming for one hour = 20 MB
• Social Networking for one hour = 51 MB
• Streaming Video for an hour (SD) = .75 GB
• Streaming Video for an hour (HD) = 2 GB
• Video Chatting for an hour = .34 GB
Please note: 1 GB (gigabyte) = 1024 MB (megabytes)
To exceed a 250 GB limit, you would have to do any of the following:
• Send 50 million e-mails (at 0.05 kb/email)
• Download 50,000 songs (at 5 MB/song)
• Download 63 high definition movies (at 2 GB/hour streaming) ex. Based upon 2 hour movie
• Upload 25,000 high resolution digital photos (at 10 MB/photo)
*These numbers are estimates. Actual usage may vary.
Do you have additional questions about data usage? We offer an online calculator resource, designed to show the varying totals based on activity at www.penteledata.net/calculator. You can also visit our Data FAQ page at www.penteledata.net/datafaq.
Cyberattacks and Distributed Denial of Service Mitigation
A cyberattack is an attempt to damage, disrupt, or gain unauthorized access to a computer, computer system, or electronic communications network.
Over the past several years, several significant cyber-incidents have affected companies and government networks. According to an article published by the New York Times, the F.B.I. now ranks cybercrime as one of its top law enforcement activities, costing billions of dollars with no end in sight. In December 2013, Target reported a data breach which included theft of credit and debit card information from more than 40 million customers. Then, in April 2014, Michaels, an arts and crafts supplier, estimated that data from three million customers’ payment cards may have been stolen over several months. In June 2014, Community Health Systems, which operates 206 hospitals in 29 states, said that personal data including names, birthdates, Social Security numbers and addresses of 4.5 million patients had been compromised in a Chinese cyberattack on its network. By summer of 2014, JPMorgan Chase said account information of 83 million households was compromised. Later, cyberattacks affected businesses like Home Depot, Staples and Sony Pictures.
DDoS (Distributed Denial of Service) attacks target a connection with traffic, often with the goal of taking service offline. Any business can be a target and anyone with an Internet connection can find tools to launch an attack. These attacks can target connection bandwidth, security infrastructure, and a wide variety of applications that companies rely on, including HTTP, HTTPS, VoIP, DNS, and SMTP.
Motivation for these attacks can vary and they can come from around the world. Some may use DDoS to make a political statement, others to extort money. Attacks may also be a smokescreen to cover other illegal activity. While administrators focus on getting their website online, the offender can plant malware or steal information.
Like most networks, PenTeleData has been the target of Distributed Denial of Service attacks. These attacks cause wide spread issues and affect all customer traffic. Many of these attacks are intended to interrupt service or simply cause mayhem, but we take each one very seriously. We are proactive about planning and respond quickly when they happen. As part of our NextGen Network upgrade, we have implemented a mitigation solution that constantly monitors traffic entering from the Internet. When an attack is being directed toward our users we automatically route the traffic through a specialized process that handles scrubbing out the nasty bits and sending on all the rest– in a totally transparent manner! When the attack stops, the traffic is routed back via the normal path. This is a network wide feature and something that’s included in our offering at no additional cost to our customers.
Say Cheese! Do Your Photos Jeopardize Your Privacy or Safety?
The convenience of posting photos with friends and family has become more fun and convenient than ever. Social networking sites make it easy to share pictures with grandma and grandpa, your coworkers, your childhood friends, or anyone who has an interest. Still, it is important to consider a few simple tips pertaining to copyright, privacy and safety issues.
- Disable the GPS technology before taking pictures with a smartphone or other location enabled camera if you plan to post them online. Otherwise, the coordinates of your exact location are recorded with the photo. This could publicize your home address or other places you visit
- Read the Terms of Service on photo sharing websites and other social networks. Otherwise, you may inadvertently give permission to websites or their users to use your photo as their own.
- Check your privacy settings on any websites where you may share photos. When possible, select the option that allows you to keep photos from being found by search engines. In addition, the best way to keep pictures private is to limit those who can view them.
- Know who your friends and followers are. If you have hundreds of friends on Facebook or any other social media sites, perhaps you don’t know them all too well. Decide whether you are comfortable with those people having access to your photos. If not, it may be time to review and narrow down your “friend” list. If your settings allow “friends of friends” to see your posts, your pictures could potentially be seen by thousands (or maybe more).
- Consider photo sharing sites that allow invitation-only access with password protection for viewing.
- Avoid sharing identifying information, such as full names, schools or locations of your photos.
- Watch out for lower-tech ways of sharing information. Maybe the photo was taken in front of your home or children’s school. Maybe your t-shirt has a school logo. These scenarios and others could tip off information that you would prefer to keep private.
- Use common sense. Don’t post a photo that could be embarrassing in 10 years or more. With facial recognition technology, pictures will potentially be available for years to come. That means that your toddler’s potential employer could know quite a bit about his or her childhood!
- Awkward! You may have a tough decision to make if a friend or relative posts photos of you or your child online. Do you ask them to take it down? After all, you won’t know who has access to or the picture.
- Consider a watermark. Imprinting a watermark on your photos can make it harder for someone to misappropriate the image.
Social Media and Privacy Concerns
Facebook, Twitter, Instagram, Snapchat…they’re all very popular. After all, it’s sometimes fun to see everyone’s pictures, opinions, activities, and more. It can even great for keeping in touch with extended family or old high school friends. Still, it’s a double edged sword, so there are a few factors to keep in mind regarding privacy and safety.
One thing to consider is that most of these social media platforms are free. This is possible because YOU, the user, are their product. Social media providers may offer networking opportunities, but in turn, you are sharing your viewing habits, contact lists, and more. This can be filtered to determine what you should or should not see, including political opinion or articles promoted by advertisers who want access to you. They can even use your information to sell your habits, views, shopping detail, etc. to others who can also use this information for profit. Every company that advertises online is interested in knowing what sites you visit, what you buy, who you’re friends with on social networks, what you like and more. By gathering information about your online activities they can serve you targeted ads that are more likely to entice you to buy something.
Some other tips to consider include:
- Be cautious about or don’t fill out your social media profile. The people who need your birthdate, email address and phone numbers probably have them. The more information you share online, the easier it is for someone else to get their hands on it.
- Check your privacy settings. Other than not using social media at all, the best way maintain your privacy is to limit who has access to it.
- Know who your friends and followers are. If you have hundreds of friends on Facebook or any other social media sites, perhaps you don’t know them all too well. Decide whether you are comfortable with those people having access to your information and photos. If not, it may be time to review and narrow down your “friend” list. If your settings allow “friends of friends” to see your posts, your pictures could potentially be seen by thousands (or maybe more).
- As a rule of thumb, don't "friend" strangers.
- It’s easy to create a fake account or profile and hide behind another identity. Never assume that someone is who they claim to be.
- Read the Terms of Service to know how your information is being used.
- Avoid sharing identifying information, such as full names, schools or photos. Maybe the photo was taken in front of your home or children’s school. Maybe your t-shirt has a school logo. These scenarios and others could tip off information that you would prefer to keep private.
- Use common sense. Don’t post anything that could be embarrassing in 10 years or more. With facial recognition technology, pictures will potentially be available for years to come. That means that your toddler’s potential employer could know quite a bit about his or her childhood!
- Beware of phishing attempts. Answering those fun questions and surveys can help an identity thief know more about you.
Perhaps your browsing speed seems to be slowing to a crawl or you can’t stream a video you’d really like to watch. Maybe you work from home, so it’s vital to you that your connection to the Internet is strong and uninterrupted. Maybe between your families’ tablets, wireless phones, gaming systems, TVs and computers, good Wi-Fi is essential to your household, but has become less than great. There are many reasons why your connection may be less than ideal, but some of the most likely can be simple to fix, without costing you a dime. Even if everything seems to be working well, keep these tips in mind to get the most out of your home Wi-Fi Network:
Where should the wireless router be located? It may be tempting to place your router inside a cabinet and out of the way or next to a window where the cable comes into your home, but that may not be best. A wireless router needs open spaces, away from walls and obstructions. If your wireless router has external antennas, orient them vertically to bump up coverage and if it’s possible, elevate the router too.
What’s the frequency, Kenneth? If you have a dual-band router, you’ll likely get better performance from the 5GHz band instead of the more common 2.4GHz band. This can be changed in your router’s administrator interface.
What channel are your using? Just like the walkie-talkies some of us used as kids, all modern routers are multichannel. They can switch across different channels when communicating with your devices. Most of us use the default channel, but if neighboring wireless networks are using the same, it can cause signal congestion. You can change the channel in your wireless network’s administrator interface, typically under the basic wireless setting category.
Does your router need a firmware update? Router manufacturers are always tweaking software to increase performance and speed. Depending on the manufacturer and model, most current routers have the update process built into the administration interface, so it’s just a matter of selecting the firmware upgrade button. Others may require you to find and download the firmware from the manufacturer’s website.
Is your hardware obsolete? If the wireless router is running on old hardware, you won’t receive the best performance. If your router is a few years old, it is probably still using the 802.11g or older standard. The maximum throughput for 802.11g is 54 Mbps. The more modern 802.11n is capable of 300 Mbps and the latest, 802.11ac goes up to 1 Gbps. Contrary to the old adage, it may be time to consider a replacement, even if the router isn’t broken. In addition, your PC may need an adapter to be compatible with newer routers.
Are you in control of your router’s priorities? Most modern routers come with Quality-of-Service tools to limit the amount of bandwidth that apps use. That way, if you are video streaming or using Voice over IP, you can make sure they have priority over of your teenage son watching videos. These settings are typically under the advanced settings in the network administrator’s interface.
Could your antenna be the problem? Would you benefit from a wireless range extender? Routers are only capable of broadcasting reliably up to a certain distance, after that, the signal gets weak. If your area is large, or if there are thick walls or other physical structures that block signals, you may need a wireless range extender. It looks similar to a router, but works differently. A wireless range extender picks up the existing Wi-Fi signal from your wireless router and rebroadcasts it. It needs to be close enough to the main router to pick up a good signal.
Do you need additional access points? Access Points can be costly, but work together to create a mesh network in which each unit transmits signals to each other. This solution is best if you are covering a large space, like multiple floors or separate buildings.
Make It a Scam-free Vacation
The Federal Trade Commission recently published this article by Lisa Lake, Consumer Education Specialist, titles “Make It a Scam-free Vacation”. Since it has some good advice for this time of year, we’ve decided to share it here.
It’s almost summer! Right now, you probably have beaches on the brain or you’re thinking about that long-planned trip abroad. Before you head out, take steps to help keep your dream vacation from becoming a nightmare:
Do some research — and then carefully read the details on travel offers.
- First, get recommendations from family and friends on good travel agencies, vacation rentals, hotels and travel packages — before responding to offers.
- Look up travel companies, hotels, rentals and agents with the words “scam,” “review,” or “complaint.”
- Look for extra costs. Resort fees (also known as destination, facility and amenity fees) can add $50 or more to your nightly cost.
- Ask about taxes, which may be significant in many locations.
- Get a copy of the cancellation and refund policies before you pay.
- If you’re buying travel insurance, be sure the agency is licensed.
- Bring copies of any confirmation details that show the rate and amenities you were promised. This also helps if the hotel or host says your reservation is “lost.”
Don’t pay for “prize” vacations. No legitimate company will ask you to pay for a prize. Also, look for catches to resort or timeshare offers. They may come with taxes and fees to pay, timeshare presentations to attend, and high-pressure sales pitches to endure.
Don’t sign anything until you know the terms of the deal. Say “no thanks” to anyone who tries to rush you, without giving you time to consider the offer.
Use a credit card, if possible, for your travel spending. This gives you more protection than paying by cash or debit card — and it may be easier to dispute unauthorized charges.
Protect your identity and account information while you’re traveling.
- Take only the IDs, credit cards and debit cards you need. Make copies so, if someone steals your bag, you’ll know exactly what was lost.
- Make a copy of your insurance card to take with you.
- Leave all other important documents safe at home.
- Learn how to protect your mobile devices and personal information from hackers and malware.
And while we hope it doesn’t happen to you, report identity theft and any other fraud you experience.
How to Properly Dispose of Electronic Devices
We all have them. Whether it’s a laptop computer, a desktop computer, a tablet, a cellular phone or any other device, it’s important to know how to dispose of them properly when the time comes. It’s more than just an environmental issue, because these electronics can also hold (and potentially disclose) sensitive information about us. Computers, smartphones, gaming consoles, external hardware, digital media, and cameras allow you to keep a great deal of information at your fingertips, but when you dispose of, donate, or recycle a device you may inadvertently disclose sensitive information which could be exploited by cyber criminals.
Here is some important information to keep in mind, as described by the Department of Homeland Security at https://www.us-cert.gov/ncas/tips/ST18-005:
What are some effective methods for removing data from your device?
There are a variety of methods for permanently erasing data from your devices (also called sanitizing). Because methods of sanitization vary according to device, it is important to use the method that applies to that particular device.
Methods for sanitization include:
•Backing up data. Saving your data to another device or a second location (e.g., an external hard drive or the cloud) can help you recover your data if your device is lost or stolen.
•Deleting data. Removing data from your device can be one method of sanitization. When you delete files from a device—although the files may appear to have been removed—data remains on the media even after a delete or format command is executed. Do not rely solely on the deletion method you routinely use, such as moving a file to the trash or recycle bin or selecting “delete” from the menu. Even if you empty the trash, the deleted files are still on device and can be retrieved. Permanent data deletion requires several steps.
•Computers. Use a disk cleaning software designed to permanently remove the data stored on a computer hard drive to prevent the possibility of recovery. Another option is secure erase. This is a set of commands in the firmware of most computer hard drives. If you select a program that runs the secure erase command set, it will erase the data by overwriting all areas of the hard drive.
•Disk wiping. This is a utility that erases sensitive information on hard drives and securely wipes flash drives and secure digital cards.
•Smartphones and tablets. Ensure that all data is removed from your device by performing a “hard reset.” This will return the device to its original factory settings. Each device has a different hard reset procedure, but most smartphones and tablets can be reset through their settings. In addition, physically remove the memory card and the subscriber identity module card, if your device has one.
•Digital cameras, media players, and gaming consoles. Perform a standard factory reset (i.e., a hard reset) and physically remove the hard drive or memory card.
•Office equipment (e.g., copiers, printers, fax machines, multifunction devices). Remove any memory cards from the equipment. Perform a full manufacture reset to restore the equipment to its factory default.
•Overwriting. Another method of sanitization is to delete sensitive information and write new binary data over it. Using random data instead of easily identifiable patterns makes it harder for attackers to discover the original information underneath. Since data stored on a computer is written in binary code—strings of 0s and 1s—one method of overwriting is to zero-fill a hard disk and select programs that use all zeros in the last layer. Users should overwrite the entire hard disk and add multiple layers of new data (three to seven passes of new binary data) to prevent attackers from obtaining the original data. Cipher.exe is a built-in command-line tool in Microsoft Windows operating systems that can be used to encrypt or decrypt data on New Technology File System drives. This tool also securely deletes data by overwriting it.
•Clearing is a level of media sanitation that does not allow information to be retrieved by data, disk, or file recovery utilities. The National Institute of Standards and Technology (NIST) notes that devices must be resistant to keystroke recovery attempts from standard input devices (e.g., a keyboard or mouse) and from data scavenging tools.
•Destroying. Physical destruction of a device is the ultimate way to prevent others from retrieving your information. Specialized services are available that will disintegrate, burn, melt, or pulverize your computer drive and other devices. These sanitization methods are designed to completely destroy the media and are typically carried out at an outsourced metal destruction or licensed incineration facility. If you choose not to use a service, you can destroy your hard drive by driving nails or drilling holes into the device yourself. The remaining physical pieces of the drive must be small enough (at least 1/125 inches) that your information cannot be reconstructed from them. There are also hardware devices available that erase CDs and DVDs by destroying their surface. Magnetic media degaussers expose devices to strong magnetic fields that remove the data that is magnetically stored on traditional magnetic media.
•Solid-state destruction. The destruction of all data storage chip memory by crushing, shredding, or disintegration is called solid-state destruction. Solid-State Drives should be destroyed with devices that are specifically engineered for this purpose.
•CD and DVD destruction. Many office and home paper shredders can shred CDs and DVDs (be sure to check that the shredder you are using can shred CDs and DVDs before attempting this method).
How can you safely dispose of out-of-date electronic devices?
Electronic waste (sometimes called e-waste) is a term used to describe electronics that are nearing the end of their useful life and are discarded, donated, or recycled. Although donating and recycling electronic devices conserves natural resources, you may still choose to dispose of e-waste by contacting your local landfill and requesting a designated e-waste drop off location. Be aware that although there are many options for disposal, it is your responsibility to ensure that the location chosen is reputable and certified. Visit the Environmental Protection Agency’s (EPA) Electronics Donation and Recycling webpage for additional information on donating and recycling electronics. For information on recycling regulations and facilities in your state, visit the EPA Regulations, Initiatives, and Research on Electronics Stewardship webpage.
Know the Basics about Social Engineering
“Hello, how are you? I am James and I am calling to tell you about a problem with your computer. You are not receiving Microsoft updates.”
Or maybe: “Good morning, this is Mr. Doe with your telephone company (or electric, water, or any other service provider). We’ve noticed a problem with your service and need to ask you a few questions to verify your identity so that we can resolve it.”
Or it’s a call in the middle of the night. “Have you been calling overseas for the last several hours?” When you respond with a sleepy, yet startled, “No!” the caller may say, “Well, we have a call that’s occurring right now and it’s being charged to your calling card. You have already accumulated over $1,000 in charges. If you take care of this now by verifying your calling card number and PIN and make payment with a credit card, I can give you a onetime courtesy credit for half of the charges.”
Stop!!! It’s easy to just start answering questions or to try to handle a problem, but these calls are almost always social engineering scams. Social engineering is basically the “art” of getting people to drop their guard and reveal details or access that they’d usually refuse. An attacker uses human interaction, that is, their social skills, to obtain information. They may seem unassuming and respectable, but by asking questions, they may be able to gather enough details to steal an identity, access bank accounts, enter your home or workplace, or many other devastating scenarios.
Avoid Becoming a Victim: Be very leery of unsolicited phone calls, visits, or email messages that request any type of personal or confidential information. Even if someone seems to know about you, your family or your employer, they could have obtained those details from a social networking site. For example, did someone post vacation pictures, the results of a ball game, or your spouse’s name? Criminals can use small details to make you believe they are safe. NEVER EVER give sensitive information to anyone unless you are sure that they are indeed who they claim to be and that they should have access to the information. NEVER share passwords, Personal Identification Numbers (PIN) or access codes. If you are unsure whether an email request is legitimate, try to verify it by contacting the company directly. Do not use contact information provided on a website connected to the request; instead, check your previous statements for contact information.
Be Alert! It’s much easier to hang up the phone, even it feels like you’re being rude, than to deal with the hassle and financial strain that can result from falling for a scam.
The Internet of Things and Personal Privacy in a Hyper-Connected World
Every company has a product. For home improvement stores, it’s building materials and tools. Book stores sell books. Coffee shops sell coffee. PenTeleData’s product is the Internet. Our partners’ products are phone, cable, Internet, and security systems. All of these are pretty straight-forward. What about Google, Facebook and other social media and content providers? Their product is YOU!
Each of these companies collect and use your information, including browsing habits and any other details, to target your content. Social media providers may offer networking opportunities, but in turn, you are sharing your viewing habits, contact lists, and more. This can be filtered to determine what you should or should not see, including political opinion or articles promoted by advertisers who want access to you. They can even use your information to sell your habits, views, shopping detail, etc. to others who can also use this information for profit. In fact, all of this is even more possible with “Internet of Things” (IoT).
The IoT describes the relationships between the giant network of connected “things” and people. The IoT is basically the connecting any device with an on and off switch to the Internet and/or to each other. This includes everything from cellphones, coffee makers, washing machines, headphones, lamps, wearable devices and almost anything else imaginable, like machine components such as a jet engine of an airplane or the drill of an oil rig. The IoT is here to stay. Perhaps cars will have access to our calendars and already know the best route to take. If traffic is heavy, it could switch your route and send a text message to the other parties involved with the meeting. On a broader scale, IoT could be applied to transportation networks and smart cities with reduced energy consumption. The ideas are endless. We are, no doubt, living in an age of a digital lifestyle. For individuals, that means we may want to be more cautious about how to protect our personal information. Here are a few ideas to help:
- Routinely Update all software (PC, phone, tablets, etc.)
- Establish and maintain strong passwords
- Secure privacy settings on all social networks
- Lock down your home network
- Think carefully about what you are posting/sharing online
- Don’t use apps for tracking if you don’t want to share the information it requires
- Check your privacy settings for all devices
Maybe you received one for Christmas. Maybe you’ve seen the commercial or the comical video of the boy whose requests were misunderstood by the device. One thing’s for sure, these latest voice-controlled smart appliances are quite impressive. They can play music, control lights, and answer questions with nothing but your voice. In fact, they can even be told to order groceries or a pizza. (Quite possibly, a busy mom’s dream.)
But, are these little helpers too good to be true? That depends on your views about privacy. Here’s what we know about devices such as Amazon Echo and Google Home (as published at www.sandiegouniontribune.com/news/science/sd-me-echo-home-20170105-story.html):
- They both work in a similar manner. They constantly listen for a trigger phrase. Once activated, they record a voice query and upload it to the cloud for an appropriate response to return.
- Each boasts a roster of unique features to entice shoppers. The $130 Google Home can sync with any device that supports Google Cast, like Android smartphones and Chromecasts. The $180 Echo relies on Bluetooth, which makes it more compatible with smart home devices and wearables.
- Differences aside, both share one major downside: privacy. Both Alexa and the Google Voice Assistant are constantly listening to everyone within microphone range for input by default. That core function broaches a series of privacy concerns.
- The microphones are always listening unless physically muted.
- The voice assistants cannot differentiate between different people.
- The devices upload recordings and store them on cloud servers.
- Data collected from recordings and subsequent analyses is used to provide a customized experience and, in all likelihood, targeted advertising.
- The device's location is used to give more accurate searches and, again, targeted advertisements.
- Data may be shared with third parties and this may be unknown to the user.
- All of the data passed between an Echo or Home and its corresponding servers is encrypted, so security is not so much an issue. A hacker won't be able to decipher any intercepted communication.
The larger concern is privacy, rather than security. Voice assistants are subject to unforeseen vulnerabilities. Using them means trust in the Amazon, Google and any third-party developers that create the integrated apps and companies that could potentially gather your data. It also means that you must trust your family members and visitors who could also access your device. Ultimately, voice assistants are not private. They rely on the cloud to access applications and analyze recordings, a job that is too complex to do on the device itself. That’s why you purchase the hardware (Amazon Echo, Google Home, or any other personal assistant) and sacrifice the privacy of your usage to pay for the service. In turn, developers can use your information for marketing and data to serve advertisements and promote products. Unless a subscription model is introduced at a later time, it’s an all or nothing deal. If you aren’t willing to sacrifice your privacy, a personal assistant may not be the best choice. If you don’t mind, it can be a very convenient device.
What is Identity Theft?
Identity Theft is when someone steals your personal information and uses it without your permission. It happens to more than 11 million Americans every year and can cause trouble with your finances, credit history and reputation. It can also take time, money and extreme patience to resolve.
How common is identity theft? Even if you haven’t been victimized, when you hear news of another significant data breach or a friend tells you a story of ID theft woe, you may wonder if you’re next—or if it’s something you need to worry about at all.
The 2018 Identity Fraud Study released by Javelin Strategy & Research determined that 16.7 million people in the U.S. were victims of identity theft in 2017, up from 15.4 million in 2017, with $16.8 billion total stolen.
What are the most common types of identity theft? The Federal Trade Commission, the government agency that maintains a sort of warehouse for identity theft complaints, says the crime falls into six major categories:
- Employment- or tax-related fraud (34%)
What it is: A criminal uses someone else’s Social Security number and other personal information to gain employment or to file an income tax return.
- Credit card fraud (33%)
What it is: The thief uses someone else’s credit card or credit card number to make fraudulent purchases.
- Phone or utilities fraud (13%)
What it is: The criminal uses another person’s personal information to open a wireless phone or utility account.
- Bank fraud (12%)
What it is: The fraudster uses someone else’s personal information to take over an existing financial account or to open a new account in someone else’s name.
- Loan or lease fraud (7%)
What it is: A borrower or a lessee uses someone else’s information to obtain the loan or lease.
- Government documents or benefits fraud (7%)
What it is: The criminal uses stolen personal information to obtain government benefits.
(Percentages add up to more than 100 because some complaints involved more than one type of identity theft.)
How do thieves get your information? Thieves are resourceful and will work to get the details they want. In addition to targeting your computer or electronic devices, they may rummage through your garbage, the trash of businesses, public dumps, or may pretend to work for legitimate companies to convince you to reveal personal information.
How do you know if you’ve been targeted? Identity thieves can drain your bank account, run up charges on your credit cards, open new accounts, get medical treatment on your health insurance and in some extreme cases, even give your name to police during an arrest.
Here are some clues that may indicate that someone is using your identity:
- Unexplained withdrawals from your bank account
- Missing mail
- Calls from debt collectors for debts that you don’t recognize
- Unfamiliar accounts on your credit report
- Bills for services or goods that you haven’t received
- A condition on your medical records that you don’t have
- A notice from the IRS that more than one tax return was filed in your name or that you have income from an employer that isn’t yours
- A notice that your personal information was compromised by a data breach (Always take these seriously!)
What are the steps to take if you are a victim of identity theft? The Federal Trade Commission recommends that if your wallet, Social Security card, or other personal, financial or account information are lost or stolen, place a fraud alert on your credit file. Check your bank and other account statements for unusual activity. Order a free copy of your credit report periodically to monitor your accounts. You have a right to one free copy of your credit report from each of the national credit reporting companies every year. If you stagger your orders, you can get a credit report every four months.
In addition, create a log of telephone calls and keep copies of documents related to the loss.
How can you protect your identity?
- Safeguard your personal information, whether it is on paper, online, or on your computers and mobile devices.
- Lock your financial documents and records in a safe place at home and lock your wallet or purse in a safe place at work.
- Limit what you carry. When you go out, take only the identification, credit, and debit cards your need.
- Before you share information at your workplace, a business, your child’s school or a doctor’s office, ask why they need it, how they will safeguard it, and the consequences of not sharing.
- Shred receipts, credit offers, insurance forms, physician statements, checks and all similar documents when you no longer need them.
- Consider opting out of prescreened offers of credit and insurance by mail.
- Before you dispose of a computer or mobile device, get rid of all the personal information it stores.
- Keep your computer browser up-to-date and use security software.
- Don’t overshare on social networking sites.
- Avoid phishing emails.
- Be cautious about Wi-Fi. Don’t use a public wireless network to send personal information.
- Lock up your laptop. Don’t use an automatic login feature and always log off when you are finished using it.
- Read privacy policies to know how your information will be used.
- Use two-factor authentication to verify your identity by receiving a text message or email when you use a new device to sign in.
- Treat your mobile devices with the same care that you use to guard your desktop or laptop. Secure them with passwords, security software and encrypt any stored data.
- If you're not planning to apply for new credit anytime soon, consider freezing or pacing a fraud alert on your credit reports with the three major bureaus. This will halt any new credit being opened in your name. The downside is that if you want to apply for a loan, you would have to lift the freeze or give permission to access your report first.
How to Avoid Spam
Nearly everyone who has an e-mail address they regularly use has run into at least a small problem with spam. What is spam? Spam is bulk, unsolicited e-mail—most often, it’s trying to sell you something, and sometimes it’s trying to convince you to relinquish your credit card information, bank account information, and any other personal information you’re willing to give.
This makes spam not just a regular nuisance, but dangerous as well. If you’re one of the millions of people out there whose inbox is flooded daily with waves upon waves of spam messages, you’re probably wondering what can be done about it.
At PenTeleData, we are just as concerned about spam as you are—in fact, we use spam filters to help reduce the amount of spam traveling over our network. Unfortunately, online predators often know how to get around the filters, so we can’t catch it all. That’s where you can help.
- Although malicious websites and e-mail scams have been around for quite some time, some tactics that criminals use have become more believable than ever. It is VERY IMPORTANT to protect your computer and your personal information, such as user names, passwords, social security numbers and account numbers.
- PenTeleData will never ask our customers for personal information in an e-mail. In fact, no matter who you are dealing with (your bank, utility providers etc.) you should NEVER EVER, for any reason, include personal or financial details like account numbers, login names, passwords, or social security numbers in an e-mail.
- The best way to avoid spam is to avoid getting on the spammers list in the first place. When you sign up for something on the Web, there is often some innocent-looking text at the end of the form that indicates your permission to be contacted by select third parties. Watch to be certain that selecting the box (or not selecting it) is the option to opt out. Otherwise, your e-mail address is automatically shared.
- You should change your password(s) regularly. Avoid using real words or personal information. Choose a longer password over a shorter password and don’t use the same one for multiple sites. Use a variety of characters, numbers and symbols.
- If you like to receive advertisements and coupons or share your e-mail address at your favorite stores, consider using an alternate address specifically for that purpose. In other words, use a second e-mail address solely for these e-mails and avoid giving your primary address.
What is Blockchain Technology and How is It Changing Digital Security?
Blockchain is one of the most popular buzzwords in technology right now. It was originally used with Bitcoin, a cryptocurrency that refers to a digital coin. It’s a rather complicated to understand and explain, but knowing how the Blockchain works with bitcoin will help us translate how the technology can be used in many other real-world scenarios.
The Blockchain behind bitcoin is a public ledger of every transaction that has taken place. It cannot be changed or tampered with retrospectively, so advocates of technology believe that it makes transactions secure and safer than current systems.
Bitcoin is not controlled by one central authority. While traditional currencies are issued by central banks, bitcoin is maintained by a network of people known as miners. These miners, sometimes known as “nodes”, use computers to solve complex mathematical problems to complete transactions. Each transaction originates from a wallet with a private key, that is, a digital signature that provides proof that the transaction has come from the owner of the wallet. These transactions take place all over the world and are grouped together into a block, organized by strict cryptographic rules. The block is sent to the bitcoin network for validation. The winner receives an award in bitcoin. The validated block is then added to previous blocks, creating a blockchain. One of the advantages of blockchain is that it can’t be tampered with. Each block that is added onto the chain carries a hard, cryptographic reference to the previous block.
One of the greatest aspects of blockchain technology is the ability to customize it. This means a blockchain can be completely open to the public or it can be totally private. Bitcoin is an example of an open-source public blockchain that allows anyone to join, whereas a private blockchain would be perfect for a business.
The security of blockchain technology shows promise for many industries to potentially reduce costs and make processes more efficient and secure. These may include banking, tracking products across a supply chain, payments, voting, music sharing, state identifications, and even the possibility to help tech companies manage the Internet of Things. While blockchain technology is being experimented with across a number of industries, the future is still uncertain and the power and limitations of this technology is still unclear. No one really knows if blockchain will become viable on a larger scale, but wouldn’t it be helpful if it could keep passwords so that we only needed to remember one passcode for everything?
There is a host of legal, regulatory and technological concerns that need to be addressed before we start seeing widespread use, but there is a good chance that our digital lives may be using blockchain technology before we even realize it.