Parents have been cautioned for decades about the need to monitor their children’s internet use in order to avoid various threats.

Whether it’s online predators, identity thieves who steal information, sites, and downloads that are rife with viruses, parents have the never-ending job of ensuring their young ones have fun and freedom while still avoiding every manner of risk.

Now that we’ve entered the mobile device age, parents have an even harder job. Video and music content can easily be accessed without permission, and many of the sites that advertise “free” top-rated content to young users are actually filled with viruses. Games can be downloaded instantly after a friend shows it to them at school, and the app may be able to steal unbelievable amounts of personal information through their permissions.

As always, predators can use a wide variety of apps to find and connect with your child.

Even more frightening, many apps have notifications that alert your child to a new message automatically; depending on your settings, your child can see these messages all throughout the day, even when you think they aren’t online and even when you’re not around to help them through it.

Recently, news headlines have flooded the global media about a popular app that targeted young people, encouraging them to commit acts of violence, self-harm, and even suicide. Russian authorities have supposedly arrested the app’s developer in connection with multiple reported suicides, although the list of charges is very vague. Schools around the US have now warned parents about the dangers of the app, but fortunately, it is beginning to look a lot like an internet “urban legend;” that doesn’t mean there aren’t copycat apps and other developers waiting to do something similar, though.

While there are countless “monitoring” apps to help you stay on top of your child’s mobile device activity, nothing will ever replace accurate, age-appropriate information and awareness. No matter how you choose to help your child be aware of online dangers, there is no other tool in your arsenal that compares to open conversation. Besides the need for ongoing talks as new dangers and new freedoms arise, it’s vital that your children understand there is no mistake they can ever make online that you cannot help them address and correct. Criminals who prey on young people are using fear of humiliation and fear of parental repercussions as their weapons, so stripping away that fear through open dialogue can literally mean the difference between life and death.


If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

You know the saying: “Nothing is ever deleted from the internet, and nothing is ever private.”

While there are some obvious exceptions to that rule, it serves as a good mantra for how you should treat your digital content. Photos, social media posts and accounts, and other personal internet activity may be set to the strictest privacy settings possible, but they can still be stolen and used for someone else’s gain.

The recent news about dating site Tinder is a perfect example. Stuart Colianni wrote a software script that was able to “scrape” more than 40,000 pictures from the site at the push of a button. These pictures had been uploaded by Tinder users, some of them to be used as their profile pictures, and others just to provide more information about them to potential matches.

Colianni uploaded those images to a folder online, then made it available for anyone who wanted to use it. He even established a public domain license, and within the first three days of being available, more than 300 people had downloaded them.

What would possess someone to publicly expose the photos of people with private dating site pictures? In this particular case, it really just comes down to selfish gain. Colianni has been working for some time on an improvement to current facial recognition innovations, and he wanted a collection of faces of people who all live in the same geographic region. The Tinder users he targeted all live in the San Francisco Bay area, and presumably, once his programming “learns” their faces, he can walk the streets in search of these people. This data set created from the stolen images isn’t exactly being used to break the law, but it was a pretty underhanded way to get access to a lot of different faces.

Unfortunately, what Colianni did might not even be illegal. By agreeing to open Tinder accounts and by uploading the pictures themselves, the users made it possible for someone else to see them. In fact, if Tinder had actually sold the photos to Colianni, this wouldn’t even be a news story; their terms of service that you agree to when you create your account clearly state that they’re allowed to use any photos you post on their site, pretty much in any way they want to.

However, Tinder didn’t sell the photos, and they’re not very pleased about Colianni’s use of their customers’ content. They’ve issued a statement to the effect that it violates their user terms, and that they’re launching an investigation.

While the details of this issue continue to emerge—and undoubtedly, new terms of service or even privacy regulations could come of it—it’s a shining example of how your online content is not as “protected” as you might think. It’s important to understand that stealing your photo and using it in another way is not only possible but in some cases, it isn’t even considered wrong. Protect yourself and your family by talking about safe photos and posts, safe places to upload them, and safe practices for protecting your privacy.


If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

In the fight to protect your privacy, there are a few tools at your disposal. One tool, MAC address randomization, has long been thought of as a way to keep prying eyes off your internet connections, no matter where you were.

What is a MAC address? It is a unique multi-digit number that identifies your device when it connects to the internet. If you connect over a public Wi-Fi connection, someone who’s monitoring your MAC address will know when you connect again in the future, when you disconnect, and so on. But techxperts learned a simple trick a long time ago: by generating new, random MAC addresses each time you connect, you should be able to avoid having public Wi-Fi owners track your movements or activity. This tracking is typically used for advertising purposes, like sending you an online ad if you happened to pass by that store again, but in some cases it could be used to find out when you enter a competitor’s store, for example. For some consumers, that’s a little too much like Big Brother watching.

Unfortunately, MAC address randomization has now been found to be not quite as foolproof as we originally thought. A new study by researchers at the US Naval Academy uncovered flaws and vulnerabilities that allowed them to track one hundred percent of the devices they were following. There’s a very technicalexplanation of the researchers’ findings in this article, but the takeaway is that this technique may not do anything to protect your privacy after all.

There’s a long-standing rule of the thumb when it comes to privacy and technology: you’re not as safe as you think. We have software to thwart viruses, firewalls to prevent malicious code from sneaking in over the internet, VPNs to “trick” spies into not seeing our activity or knowing our location, parental control filters to keep our children safe online, and so much more. But the end result is that hackers keep finding workarounds to the protective measures we rely on. Does that mean we just ignore the danger and not install these safety protocols? Of course not. But there is a very important truth that all tech users must understand.

Nothing will ever replace diligent attention to your online accounts and internet activity. Whether it’s trying to avoid being “followed” over public Wi-Fi or preventing your ISP from selling your history and data to advertisers, taking your own privacy steps is critical. Relying solely on technology without safeguarding your information and your family for yourself is too big a risk.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

Privacy advocates and law enforcement are currently at odds over this issue when it comes to internet activity. In a recent case, a search warrant has been issued to Google over an identity theft crime.

The victim in the case had funds stolen from their bank account, and the transactions were completed due to a fake U.S. passport.  With so much information about the victim used in the crime—including name, birthdate, a photo, and Social Security number—someone may have gained access to this person’s personal data online.

The search warrant in question is what has experts concerned. Authorities investigating the case want Google to turn over any information they have, including IP addresses, for anyone who searched for the victim’s name online between December 2016 and January 2017. A judge has found sufficient reason for the information to be turned over to the police, and has signed off on the warrant.

As might be expected, Google is not pleased by this request. Anyone is free to use the search engine, whether they create a Google account or not, so providing the IP address of every individual who searched for that name would not necessarily mean they’d uncovered the guilty party. Moreover, there’s a matter of trust at stake; tech users aren’t fond of having their internet activity tracked and they certainly don’t want that information turned over to the authorities.

This type of conundrum is a fact of the digital age, and it’s possible that it will only grow as new forms of internet crimes and new methods of investigation come along. As with any type of criminal matter, it’s important to weigh the right to privacy against the needs of society, and vice versa.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

A recent 50-48 Senate vote seeks to overturn privacy regulations enacted under the Obama administration.

The rule basically barred internet service providers (ISPs) from gathering, storing, and then selling your internet use to advertising firms or other interested parties. The privacy regulations were enacted last fall by the Democratic majority at the Federal Communications Commission, something Republican leaders have been working to undo.

These regulations in no way interfered with the work of law enforcement, but instead pertained primarily to advertisers. So what’s wrong with advertisers knowing a little bit of information about you? After all, advertising makes the internet affordable, and wouldn’t you rather only see ads for products you actually want?

Take this example. Mastercard filed a patent in 2015 for a concept that allows it to track your purchases and then sell that information online. One of the proposed purposes is reportedly figuring out what size clothing you buy, what types of food you buy, whether you have a gym membership or not…and then informing the transportation companies about your approximate size based simply on your purchase history. In theory, this could be used to spread passengers’ weight evenly throughout the plane, train, or bus, but privacy advocates fear that it’s really about discriminating against overweight consumers by charging larger passengers a higher fare.

In a much more ominous case, law enforcement officials were granted a warrant that was served to Google, demanding all of the IP addresses—the “signature” that individual computer connections are assigned when online—for everyone who searched for a specific person’s name over a two-month period. The name belongs to a victim of identity theft, and officials want to locate everyone who looked up the victim’s name. Google, who states that it doesn’t even have the technology to track and provide that information, has refused to comply on the grounds that IP addresses are not as foolproof as something like fingerprints and therefore don’t provide the name of the actual perpetrator.

Some politicians say this move to strip away the privacy regulations won’t change anything about consumers’ internet privacy, but techxpertsdisagree. One of the chief rules in these regulations is that your ISP has to get your permission before turning over your internet browsing history, the apps you use, your health and fitness information (something that’s gathered if you use a fitness tracker, for example), and your physical location.

One of the interesting features about today’s current political climate is the fresh wave of activism that citizens are engaged in nationwide. More and more consumers are reaching out to their representatives and weighing in on a large number of hot-button topics, and advocates expect that this issue will be no different. Individuals who wish to contact their Representatives—as the vote will now go to the House—can locate their names and contact information by clicking here.

If you think you may be a victim of identity theft, contact the Identity Theft Resource Center for toll-free, no-cost assistance at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App.

It takes only one infected app to take down an entire network.

Personal cell phones in the workplace have become a rather controversial topic in recent years. Early on, back when businesses used to ban personal devices, the result was astounding costs to issue phones and tablets to employees. With the adoption of bringing your own device (BYOD) policies, the costs went down but the dangers went up. Apart from the mundane concerns of employees checking their phones constantly or using them to access social media on company time, there are very real risks associated with them.

One study of the Android operating system has found that it would only take a single infected app to completely take down the entire US 911 emergency call system with a DDoS attack. How could something as simple as a game or streaming movie app disrupt an entire nation? The Android platform is based on the idea of open source code, or the ability to let others build their own apps and sell them to the public in third-party app stores. Since it’s difficult for hackers to break into an app like Netflix they create a fake version that looks and acts like the real deal. Users download the “wrong” version by mistake and never know that it’s full of malicious code.

When you go to work and connect to your company’s network with your phone, that malware infects the entire network. This is just one example that makes many employers feel they should have the right to inspect any phones that connect to the network, whether they’re company owned or personal.

According to privacy and employment practices experts, that may just be legally allowable. Without clear federal legislation about how this kind of technology impacts citizens, the rules are usually left up to the individual workplace. That means depending on the company—and in some cases, even depending on the location—the rights to privacy you think you had at one job are no longer in place at another job.

This is just one more reason why it’s a smart move to have an employee handbook that addresses technology and internet use at work. This type of issue can readily be explained before anyone carries any device into the facility and attempts to connect to the network. Any surprises can result in hurt feelings at the very least, and termination or lawsuits at worst. Of course, a solid technology handbook is good for all employees and would encompass other aspects of network security and data breach prevention as well.


How much information are you putting out there? It’s probably too much. We are here to help you stop sharing Too Much Information. Sign up for the TMI Weekly.

It’s tough to be famous. Having A-lister celebrity status and the wealth that goes along with it might seem glamorous from the outside, but recent cybersecurity issues have proven that it’s not all private jets and red carpets.

 A major headlining data breach in 2014 affected the private email accounts of more than 300 well-known people, including actresses like Jennifer Lawrence and Emma Watson. The hacker was caught and sentenced last month to only nine months in jail after leaking nude pictures of his victims online.

How did the hacker, Edward Majerczyk of Chicago, pull it off? A simple phishing attack. He emailed his victims with what appeared to be a letter from their internet service providers, informing them of an issue with their accounts. The celebrities—or quite possibly, their staff members—turned over their usernames and passwords.

British soccer star and model David Beckham recently suffered a ransom attack when his sports management agency was breached by hackers who then demanded a hefty ransom payment in exchange for not releasing the contents of his email online. Beckham, whose email was handled by the agency on his behalf, was not the only victim. The agency handles accounts for other top-notch athletes like Usain Bolt and Xavi Hernandez, and more than 18.6 million emails were held hostage.

The agency refused to pay the ransom and the emails were leaked. While they did contain a few embarrassing rants, there was apparently nothing genuinely career-ending in any of them.

Reports have surfaced of another well-known actress, Emily Ratajkowski, whose iCloud account was breached by a hacker. The link to the exposed account was sent to an online tabloid reporter with instructions to publish it, apparently for no fee whatsoever. The hacker seems to simply want to expose the actress’ very private photos and personal emails. Ratajkowski was also one of the victims of the 2014 celebrity hacking.

Why are celebrities such hot targets for this kind of thing? Mostly because there’s an audience for it. Even people who would never think it’s okay to steal someone’s identity, or break into their email accounts, might be tempted to click on the photos; after all, they weren’t the ones who hacked it, so they didn’t do anything wrong. But that’s actually not the case. Remember back to high school: the kid who stole a copy of the answer key from the teacher’s desk got in trouble, but so did everyone who looked at it in order to get the answers to the test. Viewing stolen content is still wrong, even if you’re not the one who originally had a hand in the theft.

It’s small comfort that this kind of celebrity attack is nothing new. For decades, paparazzi have stood waiting to snap famous people’s pictures and “gossip rag” reporters have dug through their trash cans for some dirt. Unfortunately, the digital age has just made the work of exposing people’s private lives easier and more effective. That trash can might have held a handful of pictures even just a few years ago, but an actor’s cloud storage account today can hold thousands or even tens of thousands of images and files.

What can the average citizen do in these cases? Refuse to play the game. For some hackers, the “street cred” of pulling off a major attack is all the compensation they want, but for many others, there’s big money to be made off of leaked photos or emails. When we peruse those stolen files, we’re making hacking both lucrative and more widespread. Don’t play along, and don’t support it. After all, today it might be a big celebrity’s personal account, but tomorrow it could be yours.


How much information are you putting out there? It’s probably too much. We are here to help you stop sharing Too Much Information. Sign up for the TMI Weekly.

The wave of the future gadgets might once have been the domain of EPCOT Center and “The Jetsons,” but many of those what-if devices are now a reality. More than that, many of them are now in our homes, our pockets, and our everyday lives.

A lot of our newfangled technology is “smart” or connected, meaning it has functions that require internet access. It might be storing your favorite TV shows in “the cloud,” or connecting your hallway lamp to the internet so that it knows to come on when it senses you—or rather, your smartphone since it’s always with you—coming within range. Either way, for most of our favorites new devices to work, we’ve been forced to share a little bit of our privacy.

One such device is the Amazon Echo. This home-based virtual assistant has a number of competitors on the market already, but recent information about how these convenience-keepers work has made people question the privacy we take for granted. Basically, all of these devices are “always on” and listening for their wake words, or names, to be called. If Amazon’s device hears one of three names you can choose at setup, it begins recording the interaction for customization purposes and better functionality. While the need to listen in and record has some concerned consumers rethinking their privacy, this feature is clearly stated by the developer and includes instructions for deleting the recordings whenever you like.

Another device manufacturer has come under fire for recording and storing consumers’ information, but this time it was without their knowledge or permission. A home electronics manufacturer has been ordered to pay more than $2 million to the Federal Trade Commission and the State of New Jersey because it let consumers know that the television could make suggestions for content to watch, but didn’t disclose that the reason the TV knew what you might like is because your viewing habits were being monitored. Not only that, the company must change its disclosure notice to let customers know that this feature requires access to some personal information.

While it might seem like this is the stuff of conspiracy theorists, the hard truth is that our privacy is more important than ever before. IoT-connected gadgets are in our homes, our schools, even inside our bodies thanks to medical advances. Without a clear understanding of our rights and full disclosure from the manufacturers, it’s hard to know when we’re giving up a little bit of our personal security. Keeping companies accountable for disclosure is an important step in keeping ourselves safe.


How much information are you putting out there? It’s probably too much. We are here to help you stop sharing Too Much Information. Sign up for the TMI Weekly.

When the internet of things first took off with “connected” devices and home appliances, the resulting reaction was fairly positive.

After all, this was finally the EPCOT Center-style wave of the future we’d long been promised. Our thermostats could adjust themselves based on our usage and our time away, our lights could come on when our smartphones told them to, our refrigerators could order our groceries as we ran out of milk. In short, it was pretty cool.

But then the privacy risks started to come into question. Who else could see our thermostat usage and know whether or not we were home? Which advertisers were ableto tap into that refrigerator’s grocery list and target us with products, whether we wanted them or not?

The bigger risk so far has been from privacy issues related to IoT medical implants. From pacemakers to glucose monitors, the internet has provided a better quality of care by letting doctors access their patients’ implants, but who else can see the data?

As it turns out, the police can, if they have a warrant and reason to suspect you of a crime. That’s certainly the case in a very bizarre tale out of Ohio. According to reports, a man set fire to his own house in order to commit insurance fraud. After different parts of his story didn’t line up, the police requested a warrant for the information recorded by the suspect’s pacemaker, which a judge then granted. Experts in the case have already concluded that his medical history and his heart rate readout from the device indicate he was never in any danger, and that the timeline of his heart rate’s increases and decreases couldn’t match his version of the events.

That case and others have privacy experts concerned. If the man didn’t have a pacemaker—or at least didn’t have one that sent recorded readouts to his doctor over the internet—he would never have been forced to cooperate in his own incrimination.

Another headline-grabbing case involved a man who was charged with murder, largely based on recordings from his home virtual assistant, Amazon’s Alexa. Again, other circumstances provided enough cause for the judge to issue the warrant, but if the man had not owned an IoT-connected device, there would have been no recordings from the night of the murder.

These are just two cases in which users’ own technology may turn on them in a court of law, and it’s a trend that has raised some eyebrows among privacy advocates. It’s also certainly something lawmakers will be expected to address in the future, but for now, it may take a few key court rulings in order to set a privacy precedent.

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the TMI Weekly.

Online advertising is to many tech users what those annoying late-night TV commercials once were. The cheesy sales pitches, the obnoxious fast-talking announcers, and the promises of “But wait! If you act now we’ll double your order!” have become such a part of our pop culture that they’re a joke all on their own.

Some users rely on ad blocking software to eliminate the popups and the flashing sidebar offers, and while it does make our lives easier, there are some pitfalls to it. The first is that the websites we visit rely on that advertising revenue to keep their sites going and to keep the internet relatively inexpensive for most users. The other factor is that some sites can detect your ad blocker and require you to disable it in order to proceed.

But how do websites actually benefit from the ads? By tracking your visit and your interaction. If you simply “see” the ad on your screen there’s one level of payoff, but if you were to actually click on it, then there’s more revenue. In some instances, actually making a purchase after clicking on an ad can result in even more revenue for the website that hosted it.

If you’d like to see this in action, here’s a test. Be warned, it will result in altering the way the internet thinks of your shopping needs. Try searching for something completely out of the blue, something that you would never shop for, like a stroller for your dog or a different model of vehicle. Then start paying attention to the ads that appear in your email inbox, your social media pages, and other sites.

You’ll notice that dog stroller or that new pickup truck starting to appear in different ads on different websites. You might even see competitors’ products or other brands than the one you searched for, or related products like ultra-expensive dog food—you obviously take special care of your pet since you’re interested in pushing it in a stroller—after that search.

That’s the sort of tracking that privacy experts are concerned about. If the internet ad industry can keep up with your search history and generate algorithms based on your interests, what’s to stop someone from following your searches and deciding on malicious ways to use that information? Even worse, who already has access to that search information? A search for a brand-new, high-dollar vehicle could mean you’ve got money to spend. A search for Black Friday deals on toys could alert a pedophile that there are children in your home. A search for medical marijuana could potentially alert someone—perhaps even your employer—to an illness you may have or an illegal activity you’re allegedly engaging in, depending on where you live.

Now, backing up…those are all very frightening and very unrealistic speculations about what happens to your internet searches. But it’s still the underlying reason why security advocates want tighter reins on who can track you for advertising purposes and who can legally access that data. Remember though, when you signed up for an account with an internet service provider or a cellular service provider, you agreed to certain terms and conditions. You might not have read the fine print, but it’s very likely that you agreed to have your search and shopping behaviors monitored and shared.

How much information are you putting out there? It’s probably too much. To help you stop sharing Too Much Information, sign up for the TMI Weekly.