The threat of data theft follows travelers; there’s never a vacation from hackers. So what should the traveler do? Anticipate snooping by hackers. This way, you can prepare for the worst.

1. If you must bring a laptop, use it as a shell to access data remotely. Leave private information behind. If this is not possible, bring it with you in the form of an encrypted memory stick or have it stored online to download later.
2. Always use comprehensive security software whenever connecting online.
3. If you anticipate bringing your laptop or other devices along, have an IT expert install on it disk encryption software. Better yet, have the whole hard drive encrypted: This would be worthless in the hands of a thief.
4. Install a VPN: virtual private network. The VPN will allow you to get onto websites that are blocked in some foreign countries like China. A VPN will also protect data as it’s transmitted through the air, scrambling it so that hackers can’t understand it.
5. Use multiple layers of protection. For example, if your device has the capability, use a fingerprint scanner to verify the user’s identity in addition to password protecting your device. Any combination of these features might be built into the hardware, software or available as a peripheral.
6. To prevent visual hacking (people spying on what you’re doing on your computer), use a privacy screen. 3M makes a great one. And be careful where you choose to work on your computer. Don’t have your back facing the open where someone can easily peer over your shoulder or even record what’s on your screen from a distance.
7. Never leave your devices in a hotel room or unattended while you head off to the restroom or take a break from a conference meeting. Just suck it up and take it with you.

Don’t be part of the “I’ll never get hacked” camp. Do you really think it won’t happen to you? If so, it’s:

Because you think no phishing e-mail could get past your radar. Just because you can spot a Nigerian scam doesn’t mean you can’t be tricked. Phishing campaigns today are ingenious and sophisticated, and include information about the recipients, fooling them into thinking these e-mails are from their friends or associates. These messages will blend right in with all your other legit messages as far as content and appearance, which include good spelling and grammar.

Because you think you’re not a target. You think you’re too little a fish in a sea of gargantuans for a hacker to be interested in you. However, every fish in the sea, including the tiniest, is a potential target. Sometimes, all a hacker wants is someone else’s e-mail from which to send spam.

Because you think deleting your cookies will keep you from getting targeted. This is like saying your house can’t get broken into because the second story windows are locked. But what if the first floor windows, and the front door, are open? Intruders will find other ways to cyber track you than cookies. For example, your IP address can identify you, which is why it’s always good to run Hotspot Shield to mask your IP address and protect your data on free WiFi. Second, your computer and browser have your unique fingerprint.

Because you think you’re invulnerable with firewall and antivirus software. Did you know that in some cases the best anti-malware detection, especially for larger business networks, spot only 45 percent of attacks? Keeping in mind you have to have antivirus, antiphishing, antispyware and a firewall as necessary layers of protection.

Because you think that avoiding Internet back alleys will keep you protected. Just like a mugging can occur in broad daylight in a busy mall parking lot, so can deposition of malware in that this is many times more likely to occur as a result of visiting popular online shopping sites and search engines, when compared to phony software sites. And if you spend a lot of time on porn sites, consider yourself infected.

Don’t Be a Myth Head

A smart, sophisticated cyber criminal will go after smart, sophisticated users, not just the dumb ones. Don’t let your guard down for a second. There’s always someone out there who’s smarter than you—or, at least—smart enough to trick you, if you become lax.

One step forward is to just commit to never, ever clicking on any links inside of e-mails. And when you receive an e-mail with an empty subject line, even if the sender is apparently your mother…don’t open it. Instead, send her an e-mail and ask her if she sent you one with a blank subject line. And even then, don’t open it, because you just never know. Protecting yourself takes a little more time, but remember, a stitch in time saves nine. Which frankly, I really don’t know what that means, but it sounds good right here.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America.

Despite the fact that tens of millions of consumers were hit by the numerous big breaches, and tens of millions more by less sensationalized breaches, you can still take the reins and yield some protection for your credit cards.

1. Make online payments with single-use or prepaid cards. What a great idea!
2. If you have multiple recurring payments for ongoing services, use only one credit card for those.
3. For shopping, use a one-time or prepaid card. Though the single-use credit card number is linked to your real card number, it will prevent the real number from becoming exposed should the site get hacked. Discover, Citibank and Bank of America offer single-use (disposable) card numbers.
4. A prepaid card is different, in that it’s independent of your real card number. If the prepaid card gets stolen, you can replace it without this affecting your primary credit card account.
5. If you have a debit card…don’t shop with it. Use it only to take funds out of a bank ATM. If a crook gets ahold of your debit card…the money will instantly be stolen from your bank account. If a thief gets your credit card, however, and makes unauthorized purchases, there’s a time lapse between when the purchases are made and when the money is actually withdrawn—enough time for you to file a dispute (if you regularly monitor your statements).
6. Though you’ll get reimbursed for fraud that occurs with a debit card, this will happen after your bank account has been sucked dry. So avoid using a debit card at gas stations, casino machines and other such places where it’s easy for a crook to tamper with the card reader.
7. Better yet, just limit its use to the bank ATM. Think of your debit card as an ATM card. This doesn’t mean that an ATM can’t be tampered with; be on the lookout for signs of tampering such as tiny cameras to capture PINs, or something odd about the card reader.
8. Set up email or text notifications via your bank or credit card companies website to alert you to all charges. This way, whenever a charge comes in, you’ll know about it.

You were taught to share your toys as a young child, but this doesn’t apply to letting others use your Wi-Fi. The difference between sharing the plastic shovel and sharing the wireless connection is that with the latter, who’s to say that the “thief” won’t eventually crash in on your private information? And don’t forget that not only will this sharing possibly slow down your connection, but there could be legal repercussions if this moocher uses your connection for bad deeds.

How can you spot a moocher?

• Log into your computer’s router’s administrative console: Type its IP address straight into the browser address bar. Don’t know the router’s default address? Go to (Start > Run/Search for cmd) and then enter ipconfig.
• The address you want will be next to Default Gateway, under Local Area Connection.
• Mac users can locate the address by going to System Preferences, then beneath that, Network. If you’re using Ethernet it’ll be next to “Router:” and if you’re using Wi-Fi, click on “Advanced…” and go to “TCP/IP.”
• Point browser to the address; enter your login details. If you’ve never changed the default settings, the login should be a combination of “password” and “admin” or blank fields.
• Locate a section for wireless status or connected devices. Here you’ll find a table with details including the IP and MAC address of all devices currently connected to the router.
• To find moochers, check that list against your gear.
• To find the MAC/IP address of your computer, go to the Command Prompt and enter ipconfig /all. The MAC address will show as the physical address.

How to Help Prevent Mooching

• Implement a strong password; use WPA2 or WPA, not WEP.
• Turn off the SSID broadcast.
• An alternative to the prior point is to set a filter up for blocked or allowed devices by MAC address.
• Whenever on free public WiFi use Hotspot Shield to mask and encrypt all your data as it fly’s through the air.

If you want to find out just who is getting a free ride on your wireless, use MoocherHunter. This tool will locate the source within two meters of accuracy. Tracking down the culprit will prove handy if the moocher has been getting you in trouble by using your network for illegal activities.

On the other hand, if the lectures about sharing your toys still ring loud in your head, why not make lemonade out of this lemon by using a third-party firmware alternative to run a public hotspot? You can then offer for-pay Internet access points that come from your consumer router. Another option is to get a Fonera router. If you share some of your home WiFi, the Fonera router will grant you free roaming at Fon Spots all over the world.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. 

That little thing that you stick in your computer to store or transfer data can also mean very bad news.

The USB device or “flash drive” can be reconfigured to work like a little thief, for instance, being made to mimic a keyboard and take instructions from the master thief to rip off data or install malware. It can be made to secrete a virus before the operating system boots up, or be programmed to alter the computer’s DNS setting to reroute traffic.

There’s no good defense for these kinds of attacks. The firmware on the USB devices can’t be detected by malware scanners. Biometrics are out because when the firmware changes, it simply passes as the user plugging in a new flash drive.

Cleaning up the aftermath is no picnic, either. Reinstalling the operating system doesn’t resolve the problem because the USB device, from which installation occurs, may already be infected. So may be other USB components inside one’s computer.

Whitelisting USB drives is pointless because not all have unique serial numbers. Plus, operating systems lack effective whitelisting mechanisms. Also, Malicious firmware can pass for legitimate firmware.

To prevent a bad USB from infesting a computer, the controller firmware must be locked down, unchangeable by an unauthorized user. USB storage devices must be able to prevent a cybercriminal from reading or altering the firmware. It must make sure that the firmware is digitally signed, so that in the event it does become altered, the device will not interface with the altered firmware.

• Watch your USB drive – don’t set it down and make sure you keep track of it so it’s not lost or stolen.
• Disable auto-run – Turn off auto-run on your computer so that if a USB drive has malware, then it won’t automatically be transferred to your machine.
• Be careful who you share your USB drives with – Be careful what computers you place your USB drive in and who you let borrow your USB drive.
• Use comprehensive security software – make sure your security software not only scans your computer for threats, but also any drives that are attached.

Can you hack cleaning up the mess a hacker makes after infiltrating your computer? Would you even know the first thing to do? And yes, YOU’RE computer CAN be hacked.

After the attack, locate the portal through which the crumb-bag entered. This could be the e-mail program or browser. This may be easier said than done. Give it a shot.

Next, this portal must be disconnected/uninstalled from the Internet to prevent it from getting into other systems. Look at your Task Manager or Activity Viewer for any suspicious activity. The CPU usage must be checked too. If it goes way up, you’ll have a better chance of detecting fraudulent activity. It helps to know how your computer runs so that you know what’s typical and what’s atypical.

Otherwise head over to Microsoft’s Malicious Software Removal Tool page here: http://www.microsoft.com/security/pc-security/malware-removal.aspx

After severing ties with the hacker or hackers, take inventory of their destruction.

• Make sure that your anti-malware and antivirus systems are up to date, and enabled. Do a full system scan with both systems.
• If something looks odd, get rid of it. Malware will continue downloading if there’s a browser extension or plugin. Inspect every downloaded item.
• Change every password and make it unique and long.
• Log out of all your accounts after changing the passwords.
• Clear the cookies, cache and history in your browser.
• Be on the alert for strange goings-on, and do not open suspicious e-mails, let alone click on links inside them.
• If things are still acting strange, wipe your hard drive. Reinstall the operating system. But not before you back up all your data.

Preventing an Attack

• Have a properly configured firewall.
• As mentioned, never click links inside of e-mails, even if they seem to be from people you know. In fact, delete without opening any e-mails with melodramatic subject lines like “You Won!”
• Have both anti-malware and antivirus systems, and keep them up to date.
• Use long, unique passwords.
• Never let your computer out of sight in public.
• If, however, your device is stolen, it should have a remote wipe feature.
• Give your data routine backups.
• Be very cautious what you click on, since links promising you a spectacular video can actually be a trap to download a virus into your computer.
• Use Hotspot Shield when you’re on public Wi-Fi to scramble your communications.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. 

You can buy encryption tools to prevent people from reading the contents of your e-mails should they intercept them. But what about those who have NSA-caliber resources and skills?

The problem is that encryption services usually leave wide open the e-mail’s metadata: e.g., sender, recipient, subject line and timestamp.

But a new service, ShazzleMail, delivers e-mail straight from sender to recipient without any metadata.

ShazzleMail software is downloaded, then encrypts e-mails, but your device must be switched on so that the recipient could download the e-mail.

If the recipient doesn’t have ShazzleMail, they’ll get a message headline, “Secure Message from Jack Jones,” plus a message text: “Jack Jones has sent you a secure, encrypted e-mail via ShazzleMail. Click to View.” ShazzleMail is free, though there’s an enterprise version for a monthly fee of $5.

Can a hacker defeat ShazzleMail? Well, without any metadata, how can a hacker track the message’s path? There’s no middleman; the messages go straight from sender to recipient. ShazzleMail says, however, that it’s not fool-proof against the NSA if the NSA wants to really go at it. Nevertheless, ShazzleMail puts a lot more barbed wire on that fence.

And then there’s Enlocked, which offers “military-grade e-mail security” for professionals by encrypting e-mails before they’re sent. However, the metadata is visible. This is a big problem if the mere communication between two parties is significant, or the timeline or whom the parties are is very telling.

Another option is Raellic Systems, which has software that lets users select from three levels of privacy.

Hushmail is another contender. They state: Hushmail can protect you against eavesdropping, government surveillance, unauthorized content analysis, identity theft and email forgery. When you are using Hushmail, the connection between your computer and the Hushmail server is protected by encryption. That means that if someone is eavesdropping on your Internet connection, they will not be able to read the traffic that you send to the Hushmail website. This is especially important if you are using your computer on a public or office network, or if you are using a wireless connection that is not encrypted.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.