A new report by BillGuard examines the problems credit and debit cardholders are having with grey charges. Every year, millions of American consumers are forced or misled into paying fees and charges they never wanted or intended to pay. These charges, called ‘grey charges’, are typically small in nature, buried in terms of service agreements, and are written in a way that often confuses the average consumer.

The report discusses all 11 kinds of deceptive grey charges, including ‘free to paid’. The worst of the grey charges, it equates to approximately 115 million transactions, resulting in $6 billion in losses to consumers. An example of a free to paid grey charge is when a retailer offers a product for free during a trial period with a product return policy that is often misleading with obscure shipping dates, ultimately resulting in a charge the consumer didn’t want.

The problem with grey charges stems from the fact that they aren’t illegal. As a result, the existing laws on the books can’t stop them. Therefore, consumers must take control over their finances and card charges by exploring other opportunities and options.

The best option available is the BillGuard’s iPhone app. The free app intelligently prioritizes noteworthy, recent, and recurring charges across all of a cardholder’s credit and debit cards. The app uses crowdsourced analytics from BillGuard’s national Transaction Intelligence Network™ to help users quickly spot and recognize charges deemed questionable by other cardholders on their cards.

Robert Siciliano is a personal security expert & and is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen. See him knock’em dead in this identity theft prevention video. Disclosures. For Roberts FREE ebook text- SECURE Your@emailadress -to 411247.

Your digital life and your physical life coexist like land and sky which meet at the horizon all day and night. This means while you are present here on the ground, you also exist online. Coming to terms with this reality will help you make better decisions about securing that online self.

1. Get device proficient: On a laptop, desktop, Mac, tablet, or smartphone, figure out what you’re doing. Take the time to learn enough about your electronics to become an expert on them.
2. Become socially savvy: Use your devices to communicate socially. Keep in mind that online is forever. Consider that years from now, that information could be damaging or embarrassing. Assume everything you post is public and will be searchable forever, even with the strongest privacy settings available.
3. Google your online reputation: Search your name and see what’s being said. There are plenty of websites that know who you are and mention you in some fashion. Creating your online persona socially will help establish your online presence.
4. Invest in security: It’s not just your PCs—your identity, hardware and software are being targeted by criminals 24/7/365. Use common sense and know that if it looks too good to be true, it probably is. Today’s tools can insulate you from many criminal tactics and even help you locate a missing device. Whenever using free wireless, know that chances are someone is snooping on your communications. Get a VPN (Virtual Private Network)to protect your digital communications.
5. Use effective passwords: “Princess” and “123456” are not strong passwords. Combine uppercase and lowercase letters with numbers and other characters.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Robert’s FREE ebook text- SECURE Your@emailaddress -to 411247.

Privacy advocates are working to prevent the worst and most extreme outcomes of personal data collection. They know that without checks and balances—without consumers knowing their rights and actively protecting their own privacy and personal data—that data could be used unethically.

Privacy is your right. But in our digital, interconnected world, privacy only really consists of what you say and do within your own home, legally, with the shades pulled down. It’s that part of life that is shared between you and your loved ones and which is not communicated, recorded, broadcast or reproduced on the internet or any public forum in any way. Beyond that, especially when taking advantage of various online resources, be sure that you know what it is you’re agreeing to and take precautions to protect yourself.

In addition to reading “terms and conditions” and the privacy policies of apps and websites, now is a good time to check your privacy settings on social networking sites and other sites you already use. Don’t share by default; share by choice. Ensure you have a strong password and be aware of where and with whom you are sharing your personal data.

In addition, turn off features on your device that expose your device and may share information about you, such as location, GPS and Bluetooth. When you want to use these features, you can always turn them on temporarily.

1. Install the latest antivirus software on your devices. Antivirus software is a must-have utility to protect your computer from viruses, spyware, Trojans and worms. These malicious programs are designed to invade your privacy and steal your personal data. As such, it’s critical for you to protect your devices with the latest antivirus program(s).
2. Use a personal virtual private network (VPN). While antivirus programs do a good job of protecting your computer, it doesn’t secure your browsing session or your internet communications. A VPN is a perfect complement to an antivirus program. VPN services such as Hotspot Shield VPN protect your privacy online and secure your web sessions by creating a secure “tunnel” on the internet between the VPN server and your device. Hotspot Shield is available for iPhone/iPad and Android devices
3. Use strong passwords. Most people tend to use their names, birthdates, driver’s license numbers or phone numbers to create passwords. The most common password, believe it or not, is the word “password.”
4. Be careful what you share on social networking sites. Social networking sites such as Facebook have very vague and complicated privacy policies. In fact, their business models are based on trading, sharing or selling your private data to advertisers and marketers.
5. Delete or clear the tracking cookies. Tracking cookies are small pieces of code that websites attach to your computer to store information about your online activities.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. 

Mobile payment can transform your shopping experience, making it more convenient and easy—and it’s secure, too!

Forbes reports, “Shopping has become very impersonal. Few people have a relationship with a salesperson who knows their style and preferences and can direct them to the right items at the right prices as soon as they walk in the door. But wouldn’t that be nice? Preferable, certainly, to wandering cavernous stores, fending off pushy salespeople who don’t even bother to learn our names, much less our favorite colors and fabrics.”

Mobile payment will mean much more one-to-one marketing—meaning specific deals and promos could be specially targeted to individual consumers based on their buying habits. Sooner rather than later, based on the information on a mobile phone app that consumers carry while shopping, they will be “recognized” as being in the store and recommendations, discounts, coupons—all in the form of specific customized offers—will pop up.

And mobile is secure, too. There are various mobile payment delivery options. Near field communication is a contactless delivery system that involves a chip that is either built into the phone itself, into a card within the phone, or a sticker attached to the phone. There are also new applications that facilitate mobile payments, most of which involve a barcode that the user scans at a store register.

As you increasingly use your phone for mobile payments, be aware that the phone correspondingly increases in value to thieves and hackers. So keep track of your cell phone. You wouldn’t leave your wallet on a bar and walk away, and you shouldn’t do that with your phone, either. And be cautious when visiting websites on your phone’s browser, clicking on links or responding to text messages.

So how do I conduct safe mobile payments?

• Pay attention to your credit card statements to check that you are paying for what you actually purchased.
• Only download mobile payment applications from a reputable app store. Check user reviews of the app and make sure to read the app’s privacy policy regarding what data of yours it is accessing and sharing.
• Don’t conduct any mobile transactions over an unsecured WiFi connection. It’s much more secure to use your mobile data network.
• Keep your mobile software current. This includes installing the latest updates for your operating system, mobile browser and mobile security software.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked!.

The practice of mCommerce (or M-commerce) is using a mobile phone to make purchases. Like credit card transactions, your card/device can be either present or not present.

Mobile payment has been around for years in numerous forms for purchases such as downloading music, ringtones and various other services, and it is now gaining traction for retail purchases in the U.S. But its implementation in the U.S. is a bit slower due to a lack of standardization of payment methods and the overall security concerns of mCommerce.

Some consumers in the U.S. have had bad experiences with criminal hacking and data breaches and so are concerned about their security. As a result, they are waiting for the various handset manufacturers (in other words, those who make the phones), mobile carriers (those who provide mobile service) and third-party technology providers (those who make the technology that facilitates financial transactions) to agree on standardization that will lead to more secure transactions.

Regardless, EcommerceTimes.com reports in its holiday retail edition that Foresee, a customer experience analytics firm, saw the Mobile Satisfaction Index jump two points over Christmas 2012 to a score of 78 on a 100-point scale.

When it comes to individual companies, Amazon took the number-one spot with a score of 85. Apple and QVC were next with scores of 83, with NewEgg and Victoria’s Secret coming in at 80 in the report. Those at the bottom of the list of 25 mobile retailers include Shop NBC with a score of 73, and Sears, RueLaLa, Overstock and Gilt.com, which each earned a 74 in the ratings.

The study shows that the mobile platform is maturing faster than the traditional web. But this will also mean criminals are moving to mobile as an attack vector.

To stay safe while mobile shopping:

1. Keep mobile security software current. The latest security software, web browser and operating system are the best defenses against viruses, malware and other online threats.
2. Automate software updates. Many software programs can update automatically to defend against known risks. If this is an available option, be sure to turn it on.
   1. Use a private VPN. Hotspot Shield, which is free to download, creates a virtual private network (VPN) between your laptop, iPhone, Android or tablet and any internet gateway. This impenetrable tunnel prevents snoopers, hackers and ISPs from viewing your web browsing activities, instant messages, downloads, credit card information or anything else you send over the network. Hotspot Shield is available for iPhone/iPad and Android devices

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

At the end of the session the IT GRC Forum is giving away a $2,950 pass to the Cyber Security & Digital Forensics Exchange (www.cyber-securityexchange.com) being held in Austin, TX on December 8 - 12, 2013. The pass is for the entire 3 day event and includes meals and two night hotel accommodation.

The winner will be chosen at random. If you would like to attend and be entered into the draw register here

Best of luck!

Cinthia

For more than a decade criminals have been attacking online banking successfully by one upping security professionals their and clients by creating viruses to bypass existing security measures.

In response security companies offer new technologies to fight new threats and federal regulators have continually updated their compliance rules in response to existing vulnerabilities.

However one variable that technology has yet to fully fix is the human element. Sure many of the existing security technologies help protect the consumer and bank from human error like downloading a virus or social engineering tricks like clicking an infected link and alert us to a phish email. But no technology or even security or privacy policy can prevent someone from exposing all their life’s details on a social media site.

When criminals target an organization like a bank they start by looking for vulnerabilities in the network infrastructure. Beyond that they target the employees of a bank and their customers using the information provided on the corporate site, and via social media.

Once they gather enough information about their target they use that data to circumvent all the security technologies meant to prevent a user from downloading a virus or social engineering tricks like clicking an infected link and alert us to a phish email.

This is where banks need to step it up and incorporate complex device identification. iovation, an Oregon-based security firm, goes a step further offering Device Reputation, which builds on complex device identification with real-time risk assessments, the history of fraud on groups of devices, and their relationships with other devices and accounts which exposes fraudsters working together to steal from online businesses.

Robert Siciliano, personal security and identity theft expert contributor to iovation. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! See him knock’em dead in this identity theft prevention video.