Bloomberg reports today that 20 million users of a Russian online dating site Topface had their user names and email addresses hacked and offered for sale via an online black market.
The owners of the dating site, which uses a similar format to Tinder here in the States, were quick to note that no password or payment information was compromised, as the the majority of users log in with their Facebook details.
So what’s the big deal with having your username and email taken by thieves?
According to an online security expert quoted in the story having these details compromised still presents reasons to worry:
Ingevaldson said such personal information usually sells quickly, to fraudsters who use automated software programs to find sites where people used the same information they did to access the dating site…Hackers are targeting popular websites to steal user names and passwords that they later use to try break into electronic-payment and mobile-phone accounts.
Here are our thoughts:
First, in an increasingly connected world, where online dating apps utilize your Facebook details and Facebook increasingly seeks to access your wallet, data security becomes even more important. Managing your passwords, and getting educated about the security the vendors you choose to do business with are essential.
Second, actively managing your online presence via social networks, online dating sites and gaming sites is no longer optional. When you grow tired of apps or social networks ensure you have removed yourself and your data from their servers as much as you can.
Leaving your username and email available across dozens of different sites with varying levels of security is just what cyber criminals want.
If you’re interested in how BeenVerified can help you manage your online presence, check out our previous blog post on the topic here.
2014 was finally the year that Internet and data security became mainstream concerns from the celebrity iCloud hack to the alleged cyber assault by North Korea on Sony Pictures.
Despite the constant headlines about the importance of a strong password, it seems few of us are taking that imperative seriously, based on the just released list of last year’s most popular passwords, compiled by SplashData.
As Fast Companyreports, some of the most common passwords are so simple such as “123456” and the perennial favorite “password” that one wouldn’t need a degree in computer science to hack into your computer or cloud storage account.
While you can see the full list of laughably simple and obvious passwords here, you may need a refresher on what makes for good password hygiene.
According to SplashData, here are three simple steps to make a strong password:
1. Use passwords of eight characters or more with mixed types of characters.
2. Avoid using the same username/password combination for multiple websites.
3. Use a password manager to organize and protect passwords, generate random passwords, and automatically log into websites.
It’s no surprise that SplashData offers one such password manager solution, but others include the well-reviewed 1Password which allows you to use just one password across all sites while it encrypts your information quickly and relatively easily.
Until we reach the days of ubiquitous finger print readers and retina scanners, the traditional password will be dogging our digital lives. Make yours smarter and hopefully you will stay off this map in 2015.
The ongoing saga of the Sony hack, from gossip about Angelina Jolie’s acting skills to disturbing threats against theaters planning to show The Interview, has dominated headlines the past couple of weeks.
Amid the North Korean intrigue, one lesser- followed aspect is that many former Sony employees whose data were hacked announced they would sue the company for failing to protect their data.
Anyone paying attention to the news lately would be rightly concerned about the number of data breaches or hacks suffered by major companies from Home Depot to JP Morgan Chase and Target.
At BeenVerified, we don’t recommend operating from a position of fear. On the contrary, we believe information and awareness are your most powerful tools for managing through today’s environment, which is admittedly filled with potential threats.
While you likely can’t prevent North Korea or Russia hacking your company, favorite retailer or even Uncle Sam, you can take the following steps to minimize the fallout:
1. Know Who Has Your Private Data
This is the most important step. While it’s likely dozens or hundreds of companies have your name and email address, a select few also have access to your social security number, health records, and salary information. Make sure you know which organizations those are.
If you hear about your bank, employer or even hospital suffering a data breach, then you know you need to take immediate action. In the meantime, you can call these organizations to get a clearer understanding of what safeguards they have in place to protect your data.
As for those hundreds of email lists you’ve signed up for, don’t discount what a dedicated thief can do with just those limited pieces of information. Financial losses from phishing attacks were estimated at $1.5 billion in 2012.
2. Investigate Holes in Your Cloud
Many will remember the celebrity iCloud scandal from earlier this year featuring major celebrities such as Jennifer Lawrence and Kate Hudson. While private photos being stolen may not have the same impact as losing a substantial amount of money, the emotional trauma can be much worse.
More importantly, the iCloud hack has left serious questions about the security and appropriateness of cloud storage in general. Many cloud providers, including Apple, have said that the issue is not with the technology itself but rather how users manage their own security settings.
If you’re storing anything more personal than video game high scores on the cloud, it’s a good idea to review your privacy settings and password protocols now. Guard your IDs for logging into your cloud tightly as even the best hackers typically need some personal information in order to break in.
Even as new solutions emerge for cloud security, hackers find ways around them, so think carefully about what you store on the cloud and know the risks.
3. Invest in a Shredder
While the new generation of data breaches that have afflicted companies and consumers alike seem to exist in a world of high-tech software, there are some hardware solutions that can help prevent hackers from getting a leg up on you.
Ensure that all bills, bank statements and even presorted junk mail with your name on it is thoroughly destroyed before being thrown away. Many scams still revolve around obtaining your info through traditional pieces of mail.
Better yet, opt out of credit card junk mail here and switch to paperless billing with all of your bills. It will save trees and give identity thieves less of an opportunity to make you a mark.
If you are especially worried about being hacked or having your identity stolen, regular check ups of your credit report, as well as running a background check can serve as tools to alert you to anything amiss.
Yesterday GigaOM reported that thieves steal over one million cell phones in the US annually. As the article notes, that means one tenth of all robberies involve a cell phone.
We previously wrote an extensive post on why it’s not a good idea to keep sensitive photos, such as naked selfies, on your phone for this reason among others.
The fact that added protections such as kill switches are becoming increasingly common, doesn’t invalidate the need to be careful with what you store on your phone. It may be many hours until you realize your phone is gone and by then any curious thief could have uploaded the contents of your phone to the cloud.
With cell phone theft so prevalent, it’s a good idea to review some basic steps to help avoid becoming the next victim and minimize the damage if a theft does occur:
Put a complex passcode on your phone—now.
All smartphones have the ability to put a screen lock code on to prevent intruders snooping. What many people don’t realize is that most phone makers offer more complex password options in the settings. The iPhone, for example, offers eight digit passcodes instead of the standard four.
Activate anti-theft measures
Likewise, many providers including Apple and Google now offer added anti-theft measures such as kill switches to lock the phone once you realize it’s missing or stolen, which will make it useless to the thief. Investigate the options your provider offers and ensure you are enrolled now. Insurance is only useful before you need it.
Don’t leave your phone out in public
It’s no coincidence that cell phone theft makes up the majority of all robberies in cities like San Francisco and New York, which feature active nightlife scenes. Avoid leaving your phone out on tables or on the bar. This makes it easy for the observant thief.
Don’t forget about your apps
If you have premium apps on your phone it’s a good idea to immediately reset your password and work with customer service to make sure none of your data has been compromised. In the case of BeenVerified, you can contact our highly rated customer service team to help you with any concerns.
Do notify the police and also all of your key contacts. As this article notes, the thief may try to use your identity to trick your contacts into sending money or some other nefarious purpose.
Have we forgotten any precautionary steps? Have you used a “kill switch” after your phone went missing? Let us know in the comments.
Last week we shared our thoughts about the potential pitfalls of Tinder, the app that has taken taking the online dating world by storm over the past couple of years. One aspect we didn’t discuss was Tinder’s fast growing population of underage users.
Tinder’s founder, Justin Mateen, disclosed this stat himself earlier this year: over 7% of Tinder’s users are aged 13-17.
As we mentioned in our previous post, one of the game-changing features of Tinder and similar online dating apps is the mandatory use of GPS location services that come built-in with smartphones to connect users in a similar geographic area. With Tinder, that service can put matches within a mile of one another.
While many parenting blogs have since blown the whistle on the inappropriateness of underage kids using Tinder, some calling it “the worst app ever for teens,” Tinder’s founder has since provided some clarity on his original statement suggesting the safeguards that both Tinder and Facebook, which the app uses to authenticate its users, prevents adults and underage users from interacting, as well as unwanted contact between users.
As many sources have noted however, it is extremely easy to create either a fake or secondary Facebook account. In fact, many Tinder users create secondary Facebook accounts entirely for the purpose of trawling Tinder, or to maintain their own privacy and safety.
While the prospect of your 13 year-old using Tinder may terrify you, keep in mind many, if not most Tinder users treat the app as a game rather than a serious dating or hook up site. Tinder itself calls the app a “social discovery” tool. While many of the parenting blogs that raised the red flag on underage Tinder use suggested blocking the app from their teen’s phone, which in many cases may be justified, it won’t prevent them from using the next app that could compromise their safety.
Instead, consider employing these tactics to keep your kids aware of risks:
1. Teach your kids about the importance of their privacy and the internet. They should know which of their phone’s apps use location services like GPS and how to effectively manage privacy settings on social media platforms. If you don’t know these things, then it’s time for you to get educated, too.
2. Learn about the new people in your kids’ lives. It’s not an immediate red flag for your teenager to have a friend over the age of 18, but if you get a funny feeling, consider running a background check and talking it over with your teen.
3. Keep the lines of communication open. The worst thing that can happen is alienating your child and losing the ability to easily keep tabs on their activities, online and off.
There is nothing like a naked celebrity to concentrate attention on an issue like data theft. This week a major scandal erupted over the hacking of major celebrities iCloud accounts. As a company focused on building trust online, stories like this obviously catch our attention.
If something like this can happen to celebrities who constantly monitor and guard their public images, it likely can happen to you, too. The alleged hacker in this case notably thanked the “many people” who helped contribute to stealing the images. While the safety of storing such sensitive material on the cloud can and will be debated, we thought looking at who you should not trust with such images is a great way to minimize your own risk.
Here are three types of people you should avoid sending naked photos of yourself if you want to ensure those images stay offline:
Some people like to show off their uninhibited side early on in the dating process with suggestive photos to whet their mate’s appetites. This tends to always be a bad idea. Dating is an extremely ephemeral pursuit and the odds of you having a meaningful relationship with any one date are quite low. However that picture image can live on forever. Platforms like Snapchat have emboldened this type of behavior with the idea that the photos will quickly disappear, but as this article points out, there are many hacks available to retrieve images if someone is so inclined.
Significant Others / Spouses
While many people would never send a sensitive image to a date, a significant other or spouse brings is generally agreed to be a different ballgame. While there is an implied amount of trust involved in such serious relationships, one shouldn’t forget that sadly, many of these relationships -including marriages- will fail at some point. Unfortunately, many will even turn into nasty divorce and custody proceedings. Don’t let that romantic picture turn into a headache, or worse yet, a source of blackmail, later on.
You may think your naked selfie is safe on your own device, but you would be wrong. Ignoring the fact that hackers can use increasingly sophisticated means to virtually break into your device or cloud storage account (as in the recent celebrity case), there are more basic reasons to be concerned. Consider that 3.1 million mobile devices are stolen in the US each year and data shows that an American loses a phone every 3.5 seconds.
The next time you have an urge to take or send a naked picture of yourself or mate, ask yourself if you’ve thought through all of the consequences and can feel certain that you won’t regret it later.
When so many of us rely upon our cell phones not just for calls, but for internet access, cameras, and entertainment, getting persistent calls from unknown numbers can feel more like an orchestrated invasion rather than just a mere nuisance.
This is especially true if you answer the call and find out that it’s someone you do not want to talk to: sales calls, someone trying to pull a phone scam, a crazy ex or a stalker, or even a bill collector.
By providing you with the name of the number’s owner, BeenVerified’s reverse phone lookup service can help you identify who is trying to reach you. Once you know who is calling, you can decide if you want to talk to them.
Hate to get sales phone calls? We do and we try to avoid them, but sometimes it seems like some companies just ignore the Do Not Call Registry. What may be the most challenging part of a sales call is that many of us have been raised to be polite, rather than assertive, and many telemarketers are taught to take advantage of those good manners. Knowing a phone call is a sales call can help you avoid sales calls in two ways: first, you can choose not to answer the call; second, you can contact the company and inform them that you are on the Do Not Call Registry and ask them not to call you.
Another type of phone call that can be more than a nuisance is the scam phone call. There are a wide variety of scam phone calls, but they all basically involve trying to get financial information or money from you.
Five of the most frequent types of scam phone calls are: charities, legal, lotteries or sweepstakes, work from home, and false banking alerts. Charity scams are calls where people represent themselves as legitimate charities seeking contributions, but the callers are either not linked to the charity they reference or the charity is a fraudulent one. Legal scams threaten civil or criminal legal action unless you take certain steps. Lottery scams say that you have won something, but ask for financial information to secure your winnings. Work from home scams offer to provide training or job opportunities so that someone can work from home, but without any actual attached job. Finally, false banking alerts suggest that one of your accounts has had fraudulent activity and asks for identifying financial information to remedy the problem.
Almost all of us have dealt with unwanted personal phone calls. Many of us have probably experienced the ex who calls from different numbers in an effort to communicate. Others of us have probably had strangers call from multiple numbers as well, in a persistent stalking pattern. Using BeenVerified’s Reverse Phone Lookup to identify who owns a number can not only help you decide whether to answer a call, but can also be an important way to help build up a record of stalking or harassment.
The final category of unwanted calls is debt collections. There are some pretty basic rules outlining what type of behavior is legal for debt collectors, but many of us who have fallen behind in our obligations have experienced behavior from debt collectors that steps well outside of those legal boundaries. Using BeenVerified’s Reverse Phone Lookup service may help you identify how to contact debt collectors to direct them to contact you in writing, rather than on the phone.
If you receive persistent calls from unknown numbers, get the information you need today.
Let us know if you have any questions in the comments section.
As a company focused on making it easier for the average person to conduct a background check, we’ve been following the EU ruling that individuals have the “right to be forgotten” when it comes to search engine results with some interest. As Google begins complying with the new law, it is worth considering the implications, even if a similar ruling has yet to make it to our shores.
With an individual’s right to request removal from a search engine, might this make the ability to search public records even more valuable? Should this apply equally to those with criminal records and those with merely unpleasant embarrassments from their past? We don’t have the answers, but think it merits more attention.
Here are some links to get you caught up on this fascinating case, and remember, BeenVerified respects your privacy. Individuals have always had the right to opt out of our search results by request.
A common use of BeenVerified.com’s background check service is the self-check. Sometimes concerned, but often just curious people will “BeenVerify” themselves to know what’s out there. Just as your doctor recommends self-examinations to monitor your physical health, so should you monitor and be aware of your online reputation. Simply put, you should know what’s in your public record.
We’ll take a closer look at some of the following items that may show up in your own public record in future blog posts and what, if any, response might be appropriate. Here are some things you might find in your search:
1. Current and Historical Addresses BeenVerified.com is a popular destination for those looking to update their address books. Make sure your current residence is accurately listed in case old friends want to get back in touch. If you’re a homeowner, you may want to ensure your home’s vital statistics are listed accurately to ensure the correct value.
2. Criminal Records We’ve covered how to interpret and understand criminal records in detail in the past. If you have a criminal record, there are ways to present yourself in the best possible light as we will examine in a future post. And remember, employers are barred from using BeenVerified to screen for employment or tenancy by the Fair Credit and Reporting Act (FCRA).
3. Bankruptcies, tax liens and civil judgments All three of these events can appear in your public record. It’s important these events are updated to reflect current realities of your situation. For example, an unpaid tax lien can appear on your public record for ten years after the fact and affect credit decisions for years later. If there is an inaccuracy in your public record, then you should dispute it and get it corrected.
4. Social media accounts You may not be overly concerned if your primary social media accounts like Facebook and Twitter show up as part of your public record, as they are usually intentionally left public. But what about that old MySpace or LiveJournal account? You may decide after running a self-check that it’s time to do a social media account clean up. We’ll go into detail on some of the best ways to do that in a future post.
5. Incomplete Information Public records do not come from one data source but disparate sources across the country from different states and municipalities. If you can’t find something you’re looking for, it may because it’s not yet been digitised. In that case, you may be interested in learning more about BeenVerified’s court runner service.
Don’t stay curious–run a background check on yourself now with BeenVerified.com and take action if needed.
If you’ve run a check on yourself and have questions let us know in the comments section below.
BeenVerified offers a fast and simple method to opt-out of our search databases. Please send an email to email@example.com and supply the following information. The only reason we request this information is to help our removal team locate the correct records you would like removed. We do not sell or use it in any other way.
Your name as shown on our site
Current address (City, State, Zip)
Please note that we cannot guarantee like or similar records from reappearing in the future. Public records come from multiple sources and are constantly being updated and there is no one universal system for identifying individuals that can provide a total opt out. If a like or similar record appears in the future, please feel free to simply email us and we will remove that as well.