Baby boomers guilty of oversharing on Facebook
January 26th, 2010 - Posted by Kent
A new study from Experian concludes that adults over the age of 45 share too much information online. The credit score reporting company completed a study of 1,052 men and women, analyzing their behavior on social networks. The study found that "14 percent of adults – and 20 percent of those age 60 and over – listed their full home addresses in their social media profiles."
The risks are the same that we've reported on before: posting vacation plans can lead to a burglary and a favorite pet's name can inadvertently disclose a the answer to a security question. None of this is new, but what's interesting is how this study focused on the habits of baby boomers. Experian did not provide any data on how it compares to the habits of younger users, so it's hard to say if this is particularly significant.
Age aside, it does point out problems with the confusing privacy settings on social networking sites. You don't have to be over the age of forty to be confused by Facebook's privacy settings. Founder Mark Zuckerberg was caught unaware by Facebook's confusing new privacy settings, which allowed his previously private photos to be viewed by any interested Facebook user. The photos have since been made private.
I use Facebook probably far more frequently than I should and I've gone through the various Facebook privacy changes myself, and not without a bit of confusion. It seems to me that Facebook could really help all its users understand the privacy settings by creating a simple interface that would allow them to view their own profiles from different relationship levels. Facebook users would understand the rules far better if they could directly see how another user would experience their profile.
Zuckerberg recently commented on Facebook's new privacy settings, saying that: "People have really gotten comfortable not only sharing more information and different kinds, but more openly and with more people." While I agree with Zuckerberg in spirit, I think it's problematic to allow user comfort to drive privacy policy. As the Experian study shows, people become comfortable with a lot of behaviors that can leave them exposed.
All social networks need to do a better job of helping users understand how public their data is. Building those rules into intuitive, experiential tools could go a long way to doing that.
What protection is available once your identity has been stolen?
January 25th, 2010 - Posted by Caitlin
The following post in our Reader Question series is an actual user submitted question:
Q: I would like to get information on what protection is available for a person who identity is already stolen and is being attempted to be used. I was wondering about instant alerts any time my name or credit is trying to be used or credit being extended. Please contact me with this information at your earliest convenience. Thank you!
A: What you have described in your question is called a fraud alert, and it is definitely a good idea to set these alerts with the credit bureaus if you believe that your identity has been stolen. Once you set a fraud alert with one credit bureau, that bureau will notify the other two. Fraud alerts expire after 90 days, so you'll need to reset them if you want to continue to be protected. LifeLock, one of our top-reviewed identity theft protection services, can help walk you through the process of setting fraud alerts and send you reminders when they need to be reset.
You may also want to consider a credit freeze, which would lock down your credit report to prevent any new accounts from being opened in your name. The details of setting a credit freeze vary depending on your state, but you would have to pay a small fee of $10.00 or so to set the freeze, and again when you are ready to unfreeze your account. You would have to set the credit freeze with each bureau individually, and pay the fee three times. You can learn more about freezing your credit and setting fraud alerts at ConsumersUnion.org.
It is a good idea to invest in an identity theft protection service, since in addition to taking measures to prevent and detect identity theft, most of these services will also help you restore your identity if you do become a victim. To learn more about LifeLock and other identity theft protection services, see our reviews and comparison chart.
The New York Times ponders the plight of the Internet user
January 25th, 2010 - Posted by Caitlin
In this day and age, even the Fashion & Style section of The New York Times is worried about Internet security issues. This weekend, the Times recounted the experiences of Allan Goldstein, a 60 year old college professor who uses the Internet, but does so a bit nervously. He worries that NYU's online system will crash, and that he'll lose his syllabus and grades. He uses online banking, but draws the line at automated payments.
A few years ago, Mr. Goldstein was a victim of a rather low-tech variety of identity theft: dumpster diving. Mr. Goldstein believes the thief or thieves found discarded receipts and bank statements in his building's trash before changing the address associated with his credit card. Mr. Goldstein responded to the situation by purchasing a shredder.
In December, Mr. Goldstein opened a new American Express credit card account, but the first time he logged in to check his balance, he found himself in a different account, one belonging to a woman in Florida. He could see her purchase history and all of her personal information. His first move was to call American Express's customer service department and explain that he'd "hacked into someone's private account by mistake."
After a month of being brushed off by six American Express customer representatives who seemed less than concerned about the issue, Mr. Goldstein contacted The New York Times, which finally got American Express's attention. It turned out, there was no hacking or security failure going on. Mr. Goldstein's user name and password were nearly identical to those of another customer, and he had typed his own information incorrectly, which led him to accidentally sign into her account.
Sadly, the incident shook Mr. Goldstein's already tenuous faith in the Internet to such a degree that he responded by moving his savings from an online savings account to a standard account with a lower interest rate.
Clearly, American Express should have responded to Mr. Goldstein's concerns more quickly. But while Mr. Goldstein's trepidation about Internet services is understandable, he would be far safer if he did his research. While shredding sensitive documents is a good move, it is not an adequate defense against identity theft. And if Mr. Goldstein's banking user name and password were nearly identical to those of another customer, it is likely that both were using a popular and weak password.
Instead of avoiding Internet services, learn to use them safely. Protect yourself from identity thieves by investing in an identity theft protection service, or at least a credit monitoring service. Use strong passwords, with a combination of upper and lowercase letters and numbers. Be sure to install Internet security software on your PC, and set it to update automatically. Don't be afraid of online savings accounts, which generally earn higher interest rates than standard accounts. And if you're nervous about losing files, invest in an online backup service.
The return of the Norton coupon: 20% off
January 22nd, 2010 - Posted by Kent
Norton has brought back its 20%-off discount coupon, bringing the price of its award-winning Internet security suite down to $55.99. Users just need to use the coupon SYMTOP20OFF at checkout.
We really liked Norton Internet Security 2010 when we tested it. And we're not the only ones. It has received top ratings from both AV-Comparatives and AV-Test.org, two independent testing organizations.
You can see what we thought by checking out our Internet security software reviews and comparisons.
Why can't privacy be protected on a public computer?
January 21st, 2010 - Posted by Kent
The following post in our Reader Question series is an actual user submitted question:
Q: I have a question becaue I have been using a public computer which i know isn't safe but I am wondering why your privacy cannot be protected.
A: There are two big reasons why public computers aren't secure and could be used to expose your personal information, but they both stem from the same thing: if a computer is public, anyone has access to it.
Public computers are physically open to hackers who can install keyloggers or other info-snooping software or hardware. There's just no way for the average user to defend against this. We can hope that the computer's owner has security software installed, but there's never a guarantee.
The other problem with public computers is one you can actually do something about: keeping your browsing private. Web browsers store your browsing history by default. If you've ever hit the "back" button on your browser, you know that it's possible to virtually go back in time and see pages you've already visited. Just look at your web browser's "History" tab and you'll see what we mean. Web browsers can also store cookies that tell certain websites that you've already logged in, allowing someone else to revisit a site as if they were you.
Now if you need to use a public computer, there are things you can do to help keep protect your privacy:
1) Always choose "Private Browsing" when possible. Both Firefox and Microsoft Internet Explorer allow you to select this option. Do this before you start your web surfing (in Explorer this is found under the "Safety" menu, in Firefox it's under "Tools"). This will prevent the computer from remembering your cookies, temporary Internet files, history, and other data. When you're done, shut down the browser or close the browser window you were using.
2) Whenever possible, avoid sites that require you to enter any personal information such as credit card numbers, PINs, or passwords. Also, don't let it store any "auto-fill" data.
3) If you do decide to log in to a website, never let a website "remember" your login information.
4) Logged in? Make sure to log out. This will end your session and disallow anyone from going back into your account.
5) Clear the web browser's cookies, history, and cache when you're done. In Explorer, this is done using the "Delete Browsing History" function under the "Safety Tab"; in Firefox, look under the "Tools" menu for "Clear Recent History" and make sure to use the details sub menu and select everything. This is a little redundant if you're using the "Private Browsing" function, but it's not a bad habit to get into.
6) Watch out for people reading over your shoulder. Evesdropping is another risk of using a public computer. People or well-placed cameras can scope out your data, or watch the keys you type when you enter a password.
Ultimately, if you must use a public computer for your private browsing needs, you'll have to use your best judgment about how safe the computer is. If there's an administrator or other personnel responsible for the computers, ask them if there's Internet security software running.
Nextadvisor's magicJack review: VoIP on the cheap
January 21st, 2010 - Posted by Kent
MagicJack has generated a number of questions from NextAdvisor visitors and it's piqued our interest as well. We've seen the little money-saving device on infomercials, and even while in line at the drugstore, leading us to wonder if it's the Snuggie of the VoIP world. It's not exactly a VoIP substitute. The magicJack is like Vonage as much as a hang glider is like an airplane: they do basically the same thing, but you'd never use them for the same purpose. If Vonage and its ilk are land line replacements, magicJack is more of a landline or cell phone supplement.
It's a tiny device that plugs into your computer's USB port, something that's technically called a "dongle." It's about the size of a Zippo lighter, but nowhere near as sturdy. It has a plastic chrome body with a clear plastic top that let's you see the magic inside. One end plugs into your USB port on an Internet-connected computer. The other has a standard telephone jack for the phone of your choice. It's highly portable, and it has the magicJack software built in so it can be plugged into almost any computer (Intel-based Macs or PCs running XP, Vista, or Windows 7). MagicJack stores your account information with the device, so you can use the service on multiple computers.
Once connected, the software loads and you begin the setup process. If you ordered your magicJack through the magicJack website then you've already entered your credit card info and you'll be starting your 30-day free trial. You cannot port a pre-existing number over to magicJack; you'll have to use the one they give you.
You dial numbers using either your handset or the magicJack application, a small window that contains a dial pad, call log, and, rather unfortunately, an ever-changing slew of ads for other magicJack products. According to magicJack's terms of service, phone numbers that you call may be analyzed by magicJack's ad software to deliver more relevant ads to you. You cannot close this program and still receive calls, though you can hide the window. It will reappear when you receive a call or dial on your handset.
This is ultimately magicJack's biggest limitation and why it's no substitute for traditional phone or VoIP service. You must have the program open and your computer must be running and Internet connected. MagicJack "solves" this problem by preventing your computer from going to sleep, something you may or may not want. However, if your magicJack is not connected, calls are routed to your magicJack voicemail so you won't lose any calls. Those voicemails are sent right to your email, so you can listen to messages from your mail reader.
The call quality seems to vary. We used a cordless phone to connect to magicJack. Though our call was only across town, our recipient (who was on a landline) said we sounded like we were in another country. It wasn't interference so much as a deadened, far-away sound. A call to a city further away had better performance. When we used a cel phone to call our magicJack phone, we noticed a lot of compression—-a problem with using two pieces of voice compression technology. It seems to be like that for magicJack: quality is highly dependent on many conditions.
Your call quality will be affected by the speed of both your network and your machine. We had less problem with call quality on our dual-processor MacBook Pro, even while simultaneously downloading an MP3 album from eMusic, watching two shows on Hulu, and downloading an HD trailer from Apple (though the latter took a bit of a hit). On our single-processor 2.2GHZ Toshiba PC with 2GB of RAM, we had more trouble with audio, including crashes and interruptions when we tried multi-tasking.
magicJack is one of those products that's not designed to improve on the quality of an existing technology, but to make that technology cheaper. Next to just about every other VoIP technology, it's the cheapest way to make unlimited phone calls in the US and Canada. magicJack doesn't have to be great, because it's so cheap:
After the 30-day trial you'll be charged $39.95 for the first year (plus $6.95 for shipping). And that's all you'll pay for unlimited calls inside the United States or Canada. You can renew a single year for $19.95, or five years for $69.95 (meaning you pay about $13 a year). International calls are billed at a discounted rate (their rate-chart is incredibly cryptic, with some countries having 10 or more alternate rates), but you must pre-purchase credits from magicJack.
Should you purchase magicJack? It depends on what your calling habits are and whether or not you can deal with the advertising. We don't think that it will ever be a phone replacement for most people, and your mileage will vary based on your home computer setup. The good thing is that it's pretty risk free to find out. If you don't like magicJack you can return it for a full refund within 30 days. You'll have to pay return shipping charges, of course.
MagicJack has
generated a number of questions from NextAdvisor visitors and so it piqued our interest. We've seen the little money-saving deviceon infomercials, and even while in line at the drugstore, leading us to wonder if it's the Snuggie of the VoIP world. It's not exactly a substitute for your regular phone service. The magicJack is like Vonage as much as a hang glider is like an airplane: they do basically the same thing, but you'd never use them for the same purpose. If Vonage and its ilk are land line replacements, magicJack is more of a landline or cell phone supplement.
Connecticut sues Health Net for data breach
January 20th, 2010 - Posted by Caitlin
Connecticut Attorney General Richard Blumenthal has filed a lawsuit against Health Net for HIPPA violations in the wake of a data breach. Last May, Health Net discovered that a portable disk drive containing confidential health information, Social Security numbers, and bank account numbers of nearly half a million past and present enrollees had disappeared. The data was not encrypted, and the company did not begin notifying those whose data had been compromised until November 30.
Blumenthal is civil penalties, which are limited to a maximum of $1.5 million per year, as well as a court order that would require Health Net to encrypt any personal health information contained on a portable electronic device. In a written statement, Blumenthal said, "The staggering scope of the data loss, and deliberate delay in disclosure, are legally actionable and ethically unacceptable. Even more alarming than the breach, Health Net downplayed and dismissed the danger to patients and consumers."
Health Net has offered two years of free credit monitoring and $1 million of identity theft insurance to affected members, and has promised additional assistance to anyone who does become an identity theft victim as a result of the breach.
Medical identity theft is a growing concern. One way to protect yourself is to invest in an identity theft protection service like TrustedID, which monitors for medical identity theft as well as financial identity theft. To learn more about TrustedID and other identity theft protection services, see our reviews and comparison chart.
10 business identity theft risks in 2010
January 20th, 2010 - Posted by Robert Siciliano
Robert Siciliano is a NextAdvisor.com Expert Guest Blogger
Advancements in technology over the past decade have created a tremendous amount of opportunity for the savvy businessperson. Whether it's mobility, streamlined processes, marketing, or the ability to sell to a global market, there's never been a better time to be in business.
Like anything good, there is always a negative. While there are certainly many negatives in technology, like the headaches when something doesn't work correctly and the constant learning curve we must all endure, the biggest negative is security issues.
So for the SMB (that's you, the savvy businessperson), here are ten considerations for the new decade:
Back up your back up. Numerous reports of cyber-war, thousands of new viruses weekly, and even Mother Nature reeking havoc on the Internet, have caused concern among industry professionals. Doing business in the cloud is fantastic; however, make sure you have redundant local backups of your data.
Protect against all Internet security threats, not just viruses. The sheer volume of attacks and new viruses created will keep the antivirus vendors busy. But there is no way they can keep up the pace 100% of the time. There are numerous technologies that will immunize your PC and make any virus or spyware impotent, and any data typed in your browser useless to a thief.
Social media identity theft is the act of creating a blog or social media site that models your day to day operations. At any time, someone can register domains or social media sites with your brand as the face. They then sell products that they never ship and/or do things to damage your brand. Scoop up your social media identities with Knowem.com.
Social network nitwits. One of the easiest ways into your companies' networks is via social media. The explosion of "I just made a tuna" communications has brought out the dumb in many people. The simple act of setting up a group on Facebook and getting your employees to join can open up a treasure trove of data that can facilitate social engineering attacks. Create policies and procedures that involve appropriate use.
Social engineering, the ruse of a confidence man, is back in full force. It never really went away, but with the amount of security in place, sometimes the path of least resistance is simply asking your cleaning crew for the keys to the building. By gaining the trust of employees over the phone, via email or in person, a conman can get almost anything he needs in order to get whatever he wants. The best defense is effective policies coupled with ongoing awareness training.
Insider identity theft can ruin your business. Most companies have done their due-diligence to keep the bad guy from hacking from the outside. But many organizations have neglected the risks associated with employees gone bad and the internal damage that can be done. Numerous technologies monitor and control access to sensitive information. But preventing bad employees from doing bad things starts with not hiring bad people.
Phishing scams still work. Despite consumer and employee awareness, a carefully crafted and well designed email that looks like it's coming from another employee is probably the most effective spear phish. Going after the CEO or high level executive, or "whaling," can often be even more successful. The bigger they are, the harder they fall, as they say. From my experience, it's often the smartest ones in the room that lack all common sense. Test your employees and see what they will fall for. Then test them again.
Tighten up employee remote access. Allowing Suzy Admin to access the company's VPN from a home PC that Suzy's son Steve uses to play games on servers hosted in North Korea will end up bad. Malware on a home computer can compromise user names and passwords, resulting in spyware on the network. Set up Suzy with her own laptop that's fully locked down and prevents Steve from doing anything fun.
Peer to Peer (P2P) file sharing is a fantastic way to leak company and client data to the world. Obama's helicopter plans, security details and notes on congress members being deposed were all leaked on government controlled computers via P2P. Setting admin privileges and installing numerous technologies that will prevent P2P is essential.
Identity theft will get worse before it gets better. And whether it's your identity, your family's or your employee's identity that is stolen, it can be a huge time suck and a costly event. The best defense involves a three legged stool. First, awareness training of all the scams that lure people in, and how to appropriately respond to numerous communications. Second involves a little time and investment in a "credit freeze" or "security freeze." Third is an annual investment in identity theft protection. In today's cybercrime climate, and with the recession making people desperate to make money any way they can, NOT investing in identity theft protection is, in my opinion, irresponsible. The worst thing you can do is nothing.
Robert Siciliano, identity theft speaker, discusses identity theft on Fox News.
Robert Siciliano is CEO of IDTheftSecurity.com, an identity theft expert, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 companies and startups as an advisor on product launches, branding, messaging, representation, SEO and media. Siciliano's thoughts and advice on all these matters appear often in both the televised and print news media including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of security training as a member of the American Society of Industrial Security. He is the author of two books, including The Safety Minute: Living on High Alert; How to take control of your personal security and prevent fraud. He's also partnered with Intelius to help raise awareness about the growing threat of identity theft and to provide tips on how you can protect yourself.
Do you have VoIP service in Vietnam?
January 19th, 2010 - Posted by Kent
The following post in our Reader Question series is an actual user submitted question:
Q: Do you have VoIP service in Vietnam?
A: All the VoIP services that we review are sold in the United States or Canada only. However VoIP services are portable and can be used from any broadband connection around the world. For instance, someone can purchase Vonage in the United States and then send the equipment to another country, such as Vietnam. Unfortunately while Vonage World Unlimited covers calls to over 60 countries, Vietnam is not one of them. So calls could be made from Vonage equipment on a broadband connection in Vietnam to any of those countries (see below), but calls within Vietnam would not be covered. This will work for you if you need to make frequent calls from Vietnam to the US, for instance. You just need a US-based shipping and billing address.
Countries covered by Vonage World Unlimited:
Andorra
Argentina
Australia (excl. External Territories)
Austria
Bahamas**
Bahrain
Belgium
Brazil
Brunei**
Bulgaria
Canada**
Chile
China**
Colombia
Croatia
Cyprus
Czech Republic
Denmark
Dominican Republic
Estonia
Finland
France
Georgia
Germany
Greece
Guadeloupe
Guam**
Hong Kong**
Hungary
Iceland
India**
Iraq
Ireland
Israel (non Paltel)
Italy
Japan
Jordan
Kenya
Latvia
Luxembourg
Macau**
Macedonia
Malaysia**
Malta
Mexico
Monaco
Netherlands
New Zealand
Norway
Peru
Poland
Portugal
Puerto Rico**
Romania
Russia
Saipan**
San Marino**
Singapore**
Slovakia
Slovenia
South Africa
South Korea
Spain
Sweden
Switzerland
Taiwan
Thailand**
Turkey
U.S. Virgin Islands**
United Kingdom
Venezuela
Zambia
NextAdvisor launches Audiobook Download and Rental service reviews
January 19th, 2010 - Posted by Kent
We've just launched our newest review category: Audiobook Download and Rental Services. We took a look at the five leading services that allow you to shop for audiobooks online. Some services are subscription services that allow you to download a certain number of books a month, and some are rental services that work like Netflix. We also took a look at iTunes, to provide a comparison with a la cart download services. We get into the nitty gritty of book credits, device compatibility, library size, price, and sound quality.
Why audiobooks? Keeping up with your reading is a great way to stay informed and keep your brain active. Unfortunately, many people just don't have time to do it. Listening to an audiobooks is a great way to squeeze your "reading" into your daily routine.
So, check out our reviews, and find out how you can put a little more lit in your life.
Categories
Blog Archives
Popular Services Reviewed:
Credit Monitoring Services |
Find Us On:
Copyright© 2006 - 2012 NextAdvisor.com - All rights reserved.
Disclosure: NextAdvisor.com is a consumer information site that offers free, independent reviews and ratings of online services. We receive advertising revenue from most of the services we review. Our editors thoroughly research and whenever possible test each service we review and offer their honest opinions about each one. We are independently owned and operated and all opinions expressed on this site are our own.