Latest opinions that Robert Siciliano has shared on Finextra

Join the Community

24,090

Expert opinions

40,653

Total members

324

New members (last 30 days)

212

New opinions (last 30 days)

29,284

Total comments

Join Sign in

Robert Siciliano

Security Analyst

Safr.me

Member since

04 Feb 2009

Location

Boston

View Robert Siciliano's full profile

Robert's opinions

Typosquatting for Fun and Profit

Typosquatting, which is also known as URL hijacking, is a form of cybersquatting that targets Internet users who accidentally type a website address into their web browser incorrectly. When users make a typographical error while entering the website address, they may be led to an alternative website owned by a cybersquatter or criminal hacker. Typ...

12 October 2010 /security /regulation

5 Ways to Prevent Check Fraud Scams

Check fraud is a billion dollar problem. Check fraud victims include banks, businesses and consumers. Our current system for cashing checks is somewhat flawed. Checks can be cashed and merchandise can be purchased even when there is no money in the checking account. There are 5 main forms of check fraud to watch out for: Forged signatures are the ...

12 October 2010 /security /regulation

Women Proved Securest in the Defcon Social Engineering Game

In a recent post (Hackers Play “Social Engineering Capture The Flag” At Defcon), I pointed to a game in which contestants used the telephone to convince company employees to voluntarily cough up information they probably shouldn’t have. Of 135 “targets” of the social engineering “game,” 130 blurted out too much information. All five holdouts were ...

10 October 2010 /security /regulation

Half Billion Records Breached in 5 Years

In the late 90s and early 2000s, hacking had evolved from “phreaking” (hacking phone systems) to “cracking” (breaking into networks). At the time, hackers hacked for fun, for the challenge, and for fame and popularity within the hacking community. But soon enough, the public began spending more time online, shopping, banking, and managing personal...

10 October 2010 /security /regulation

Social Media is a Criminals Playground

Social media has become a playground for adults, teens, and tweens. And like on any playground, when you hit the jungle gym or horseplay on the seesaw, there is always a chance that you may go home with an egg on your forehead. Or, if you are like me, a broken collarbone. Twitter and Facebook have become the most popular sites for frolicking, and ...

07 October 2010 /security /regulation

Criminal Hackers Create 3 Million Fraud Websites Annually

A recent study shows that organized criminals create approximately 8,000 malicious websites every day, or over 57,000 each week. These malicious websites model legitimate websites that we visit every day, such as bank websites, online shopping sites, and eBay. According to this study, the most frequently impersonated companies include Visa, Amazon....

07 October 2010 /security /regulation

50 Million Dollar Van Gogh Stolen No Alarm System

“A prized Vincent van Gogh still life was stolen from a Cairo museum leading to a massive art hunt, conflicting reports about the details of the crime, and plenty of finger-pointing. Five people, meanwhile, have been arrested for “negligence” in relation to the embarrassing theft, which seems to have been carried out in the absence of rudimentary...

05 October 2010 /security /regulation

Log Out, Log Out, I repeat, LOG OUT

One of the most common yet underreported causes of data breaches is users’ failure to properly log out of public PCs. Is your work computer accessible to others, perhaps after business hours? How about your home computer? Does its use extend beyond your immediate family, to your kids’ friends or babysitters, for example? Do you ever log in to a hot...

02 October 2010 /security /regulation

Victim Rebuilds Life After Identity Theft

This story is about a victim of criminal identity theft. The victim is a trucker who discovered that his identity had been stolen when his commercial driver’s license was suspended because the thief who stole his identity had been busted for drinking and driving on four different occasions. Imagine. The consequences of identity theft are often so ...

27 September 2010 /security /regulation

Strong Passwords Are Not Enough

I’ve said it before, use upper and lower case, use number and letter combinations and when possible, if the website allows it, use special characters. It has been documented that “Adding just one capital letter and one asterisk would change the processing time for an 8 character password from 2.4 days to 2.1 centuries.” It is great advice to stren...

22 September 2010 /security /regulation