The biggest challenges people are facing today in our online world is that there is so much information out there that everyone is exposed to security threats. So how do you protect yourself? Jason Hartman interviews Phil Alexander, security and data expert and founder of Data Privacy Network regarding phishing attacks, credit card fraud, and more. Phil warns people to watch out for scammers trying to get usernames and passwords or asking for money. He also recommends using gift cards instead of credit or debit cards when making online purchases, and being very careful about the information a company requests. For instance, social security numbers are NOT necessary for online purchases.
Phil and Jason discuss passwords, noting that there are many programs out there that can guess a password in a matter of minutes. Complex or strong passwords are crucial, and Phil advises being very careful about putting personal information out on the web. The most important information Phil imparts is know what your children are doing online, who they are emailing and chatting with, and the social networks they use. He offers suggestions to protect your children. For more details, listen at: www.HolisticSurvival.com.
A 20-year IT security veteran, Philip Alexander has worked in both the public and private sectors. His experiences include performing data security work for the United States Army, the financial services sector, travel & leisure, healthcare and telecommunications. Phil is also an accomplished author, having published a numerous articles, several webinars and three books, as well as public speaking on the critical issue of internet and data security.
Narrator: Welcome to the Holistic Survival Show with Jason Hartman. The economic storm brewing around the world is set to spill into all aspects of our lives. Are you prepared? Where are you going to turn for the critical life skills necessary to survive and prosper? The Holistic Survival Show is your family’s insurance for a better life. Jason will teach you to think independently, to understand threats, and how to create the ultimate action plan. Sudden change or worst case scenario, you’ll be ready. Welcome to Holistic Survival, your resource for protecting the people, places and profits you care about in uncertain times. Ladies and gentlemen, your host, Jason Hartman.
Jason Hartman: Welcome to the Holistic Survival Show. This is your host, Jason Hartman, where we talk about protecting the people, places and profits you care about in these uncertain times. We have a great interview for you today and we will be back with that in less than 60 seconds on the Holistic Survival Show. And, by the way, be sure to visit our website at HolisticSurvival.com. You can subscribe to our blog which is totally free, has loads of great information, and there’s just a lot of good content for you on the site. So make sure you take advantage of that at HolisticSurvival.com. We’ll be right back.
Phil Alexander: What’s great about the shows you’ll find on JasonHartman.com is that if you want to learn how to finance your next big real estate deal, there’s a show for that. If you want to learn more about food storage and the best way to keep those onions from smelling up everything else, there’s a show for that. If you honestly want to know more about business ethics, there’s a show for that. And if you just want to get away from it all and need to know something about world travel, there’s even a show for that. Yep, there’s a show for just about anything, only from JasonHartman.com or type in “Jason Hartman” in the iTunes store.
Start of Interview with Phil Alexander
Jason Hartman: It’s my pleasure to welcome Phil Alexander to the show. He is an internet security and beta privacy expert. I think this is an area of survival and prudence in our life that is very much overlooked by most people. And I’m glad that we have him here to tell us what to do and things we should be aware of today. Phil, welcome. How are you?
Phil Alexander: I’m fine, Jason. It’s great to be here. Thank you.
Jason Hartman: Well, likewise. Great to have you. So, what are some of the biggest challenges people are facing in the world of internet security and privacy?
Phil Alexander: Well, just that there is so much data out there, especially with the internet. The plus side is there’s tremendous access to information, but it needs to be used with due care because it does expose people to dangers of identity theft, credit card theft, and of course as a parent myself I want to make sure my kids are safe online.
Jason Hartman: And so what are some of the things that people are really, really doing wrong? Like some of the big egregious problems that can probably be easily fixed I bet.
Phil Alexander: Right. There are a lot of things you do without necessarily being a computer expert or an IT expert. For example, a common one, what I call scammers, they’ll send you emails saying there’s a problem with say your online banking account and your account will be frozen. Please send us your username and password to resolve this issue.
Jason Hartman: Does anybody really fall for that? I’ve had that email. I think, Phil, it came right after the email about the person trying to get the money out of Nigeria.
Phil Alexander: Right, that was the Nigerian attack. But from a risk, from the scammer’s point of view, if I send out 10,000 emails which doesn’t cost me anything, if I only get 1% back, I can still get a certain amount of fraud.
Jason Hartman: It’s amazing that anybody is that dumb. It’s just scary, isn’t it?
Phil Alexander: It is. And unfortunately, there are a lot of people who, like you said, you’re right, what’s called a phishing attack has been around for a long time and there are still people who fall victim to it.
Jason Hartman: I think one of the ways that people could fall pretty easily is sometimes if they’re good phishers, they create the air of legitimacy because there will be a link in the email that takes you to a site. So, if you bank with Bank of America, for example, it will take you to a site that looks like Bank of America’s site but if you don’t actually look at the URL in the address bar, you could mistakenly put your password into this fake banking website, right?
Phil Alexander: Right. I mean, the scammers have gotten very clever. You’re right. You’ll click on the link – I’ll stick with your example of Bank of America – and the website will mimic Bank of America very closely and the only difference will be when you actually enter your username and password and hit enter, instead it sends it to the scammer site and not to legitimate Bank of America. No bank’s gonna ask you to email them your username and password. And if you’re not sure the email’s legitimate, just call your bank or go into your local branch.
Jason Hartman: Okay, so phishing attacks. Do you want to mention any other types of phishing attacks?
Phil Alexander: There’s one that’s actually labeled the granny phishing attack. One is they’ll call seniors with grandkids saying your grandchild is in trouble and got in trouble south of the border in Mexico and they need $1500 to get out of jail and there’s a processing fee of $100 for us to do that. Well, that’s now a granny phishing attack that’s been labeled. If you get that kind of call, my advice is not to do that. And then you’ll make the call to your family to see if your grandchild really is in some kind of trouble and respond that way and not just from what’s called a granny phishing attack.
Jason Hartman: Right. So, do you want to move onto another subject beyond phishing? It still boggles the mind that people really fall for that stuff, but it happens. They only need a few people, right?
Phil Alexander: Yeah. Online shopping, it’s January now. We just got through the Christmas buying season. Myself included did a fair amount of purchasing and a lot of them is online. And there’s a risk there because a lot of times you’ll purchase an item with either a credit card or a debit card. The safety of your credit or debit card is specifically tied to how secure that online company protects the data. If their protection security posture is weak, your data’s at risk.
One thing that I recommend, instead of a credit card or a debit card, consider using a gift card. If I use a $100 gift card and buy something for $75, the only risk out there is the $25 still left on it and not my whole credit card or my whole debit card.
Jason Hartman: I just had some credit card fraud again. I’ve had it a few times on my last statement. Someone put $221 on my credit card at a merchant I didn’t recognize and don’t shop at. I think the debit cards are very dangerous. I don’t like debit cards at all. But the credit card, you’re not liable for it. I think technically you’re liable for $50, but I’ve never been held liable at least.
Phil Alexander: By law, you’re liable $50, but if you can prove that it was in fact a fraudulent charge they will give you back all your money. But you touch on something very important, the need to check your statements and if you don’t recognize a charge, call the company. If it’s legitimate, they’ll have a record of the purchase and they can send you the receipt.
And if I could, real quick, you’re also very correct that a debit card can even be more dangerous because it comes out your checking account. So not only can your scammer get your money, but you also risk bouncing checks. So checks you’re writing for legitimate bills could be bounced check fees on top of everything else.
Jason Hartman: Using a gift card rather than a credit card…Do you agree with me that debit cards are more dangerous than credit cards?
Phil Alexander: I do because in addition to the financial laws, you’re also looking at bounced check fees and can potentially even hit your credit score. So, yeah, there’s even more risk with debit cards. As far as online shopping, look at what data the online realtor’s asked you to provide. Now, certain online data’s necessary. For example, where do you want it shipped to? But I’ll say Amazon – which they don’t do – they’re a very reputable online company – an online company doesn’t need, for example, your social security number just to make an online purchase. Social security numbers are very risky, can lead to identity theft. So don’t provide pieces of information about yourself that aren’t specifically necessary.
In fact, one of the features that Walmart has, for example, they have a ship to store where you don’t even need to send them your home address to ship it to. You can ship it to a local store and just pick up an item there.
Jason Hartman: Apple has that, too, yeah.
Phil Alexander: Absolutely.
Jason Hartman: So, there’s probably a lot of fraud in that ship to store stuff because someone can go and somehow hack your account, have stuff shipped to the store, pick it up, it’s already been paid for as far as the store is concerned and you’ve basically paid for what they just purchased, right? Is that what you were gonna say?
Phil Alexander: You still need to be careful. If someone can hack your account or can get to your credit card, yeah, they can shop as you, get ship to store, ship to their address. So protecting your data, it’s everyone’s responsibility to be diligent about the data.
Jason Hartman: Let’s talk about hacking accounts for a moment if we can. I remember when Sarah Palin was the VP nominee. Someone hacked her Gmail account and it was in the news. And I get spam emails from friends and people in my address book that obviously their account has been hacked. They would never send me that email – I know that. And I also see that on Facebook as well where it’s obvious someone’s Facebook account has been hacked.
There are programs out there that can go and try to log into a website and they basically just guess passwords, right? And I’ve heard that these programs, it is insane how quickly they work. And the websites must have some safeguards which I’m sure you’re gonna talk about. But I’ve heard that these programs – and I don’t remember the exact number but it’s a huge number – that they can guess within a couple of minutes – it can run millions of password combinations and try to guess a password.
Phil Alexander: Right. What you’re talking is like a dictionary attack or a brute force attack. And you’re right. With modern computers, they can very quickly go through tens of thousands of potential password combinations. That’s why a way to help prevent that is after say 3 to 5 invalid password attempts lock out the account and send a reset to your email address that you’ve registered before.
But you brought up another important point. A lot of free internet based email accounts or even social networking sites, you’re not in charge. You’re the user, you’re not in charge of security or it’s not like a major corporation has an internal email account where they are in charge of the security. It’s basically the internet company that’s in charge of security and you don’t know what their posture is. You don’t know if they’re gonna lock out your account after a failed attempt. You don’t know if they’ve enforced any kind of password complexity. Could my password be 12345? Could the password be my first name? And on some sites you could. And you’re right – it wouldn’t be very hard to hack it.
Jason Hartman: So, what do we do about that? How do we protect ourselves? I mean, we can’t control all of the websites we like to use and what they do. What do we do?
Phil Alexander: You brought up an important point. If you guys email from someone you know but it’s out of character for what they do, check with them. And what I do, say if I have a Hotmail or a Yahoo! account, I’m still gonna use what I consider a hard to guess password and because it’s an internet based account, I’m not gonna put things in there that are sensitive. I’m not gonna start discussing extremely personal things there. I’m not gonna be talking about my financial information or my wife through a Hotmail account or Yahoo! account just because I don’t control the security of those accounts, so I’m not gonna put data that I consider very sensitive there.
Jason Hartman: Yeah. So, obviously be careful. Don’t put sensitive data. But do you have any recommendations on which companies are maybe better than others? Or is there a website? The problem is I don’t know if you could even keep a list like that because it’s a moving target. The companies are changing their policies all the time, I’m sure.
Phil Alexander: And that’s one of the challenges is companies are changing their policies all the time. I take a very cautious eye to free internet email from any provider, even well-known ones. Going back to online shopping, not only do I exercise due diligence there, but I try to stick with very well-known companies that are mature and who want to defend their reputation, so we’ll have a certain level of security that’s in their own best interest versus an unknown site that I had less of a good feel that they have a strong security posture.
Jason Hartman: Alright, what else would you like to cover?
Phil Alexander: Well, what I wanted to talk about was knowing what your kids are doing online as parents. One thing I tell people, ignorance is not bliss here. Who are your kids chatting with online? Who are they e-mailing? Do you know who they’re texting? Do you know what social media sites they’re on? Do you know if your son or daughter has a Twitter account or a Facebook account? Do you know who their friends are online? If you don’t, you really should. Are they being bullied online?
I guess it’s hard being my kid because I’m one of the parents, because of the business I’m in, I know more about computers than even my teenage son does. So, as a parent, be involved and monitor who they’re emailing, who they’re texting, who they’re chatting.
Under no circumstances, let your minor child friend someone they only know online. And never agree to meet someone, especially as a child, never agree to meet someone in real life that they’ve only met online.
Jason Hartman: Oh, yeah, very scary of course. Facebook, I believe their policy is anybody over 13 is allowed to have a Facebook membership. Is that correct?
Phil Alexander: I believe so, yes. That’s correct.
Jason Hartman: Really, what a Pandora’s box. Most people don’t have enough time to monitor their own voicemails, emails, text messages and social media, much less their children. And I mean so much damage can be done so quickly. How do you do that?
Phil Alexander: Like I said, it can be a lot of work. You brought up a real interesting point and you’re right, but there’s a little box not certifiable until 13.
Jason Hartman: Who cares? I’ve always thought those things were funny. Like, you go to an alcohol website. Yeah, I’m over 21.
Phil Alexander: At least when I was a kid and I tried to walk into a bar, I had to have an ID with me to get into the bar. And now if I say “Yeah, I’m over 13” or, depending on the site, “Yeah, I’m over 18”. But they don’t check. They don’t have to enter in some kind of verification to prove. So, yeah, I’m sure there are a lot of 9 year old kids with a Facebook account.
Jason Hartman: Scary stuff, definitely. But I assume those children accounts are set up by the parents and they offer some degree of control that maybe the general public can’t see your kid’s profile and maybe parents have to approve all friend requests or something like that would be a good idea.
Phil Alexander: Absolutely. I tell my son I’m in charge. And what he can do on Facebook – at least at this point and this is my personal preference as a parent, that right now I don’t want him on Twitter. I’m not saying that all parents do that, but that’s in the Alexander household, and watch his etiquette. Don’t email someone or text someone or post something online that you wouldn’t talk face to face to a parent or to a teacher as a student. Don’t get “vulgar” or “disrespectful” just because, well, it’s only an email, or I’m only posting online so it doesn’t matter. Yeah, it does.
Jason Hartman: Yeah, there’s a person behind that that sees that. And there may be consequences. They may get back at you. So, you gotta be careful. I gotta tell you personally I just hate bullies. I mean, I just despise the concept of bullying. It is so nasty and I remember hearing about that case a couple of years ago how this teenage girl, I believe it was, was bullied by a parent posing as one of her peers – I don’t want to say friends – that did all kinds of mean things and I believe she ended up committing suicide. I mean, what a tragic, tragic story.
Phil Alexander: It’s a heart wrenching story you’re referring to. It was a young girl named Megan Meier.
Jason Hartman: Maybe we need another Megan’s Law.
Phil Alexander: Yeah, perhaps we do. It was basically a mom of someone who Megan had a falling out with was posing as a 16 year old boy named Josh Evans and so they were having this friendship online and the “Josh Evans” broke up with Megan and the poor girl wound up committing suicide. It’s a tragedy.
One thing I tell people, not only through data privacy network, but like I said in the community just as a parent, if you see cyberbullying, stop. Don’t respond, don’t hit reply. Your response is to tell your mom and dad just what’s going on and ignore it. And let your parents respond accordingly. Does it rise to the level to notify authorities or not? But in no circumstances start getting into an online battle with a cyberbully. If you see it as a child, tell your parents. I tell my kid there is nothing, and I mean nothing that he can’t bring to my attention. I’m here for him no matter what. And that includes if something bad happens online, you come to dad and I’m here for you 100%.
Jason Hartman: Anything else on bullying you wanted to say? Any other tips or anything?
Phil Alexander: And the opposite’s true, too. Like I said earlier, etiquette works both ways. Don’t respond to cyberbullying. Don’t be a bully yourself. Watch your etiquette and your conversation with people. And that includes your online electronic conversations as well.
Jason Hartman: Good point. Anything else people should know about the privacy and online security?
Phil Alexander: I would just say like on your computers itself, depending on your program, keep up to date with simple things like patching and anti-virus and they have spam filtering, just like this time of year, we encourage people to get a flu shot so you don’t get the flu virus. Well, keep your computer healthy can help it from getting viruses and sometimes those viruses steal information. So, a more robust computer, a more up to date computer will help protect it and then yourself from attacks that may lead to data loss.
Jason Hartman: Are you a Mac or a PC user?
Phil Alexander: Actually, I use both.
Jason Hartman: Which one do you prefer?
Phil Alexander: For ease of use, more of a MAC.
Jason Hartman: So, I asked you that because I wanted to know where you’re coming from before this next question and maybe we could just kind of wrap up with this. And I’m a MAC user by the way, just so you know where I’m coming from. But I used PCs for many years and I like the MACs better. But if you talk to Apple, they seem to think that a MAC never gets a virus. And I think they’re just toeing the company line. I think it’s ridiculous. Any computer can get a virus. But in the broader scheme of things, are MACs more secure? Probably are, right?
Phil Alexander: MACs are more secure. But I agree with you. No computer is 100% virus proof. I do believe they have a more robust operating system. But I think, quite frankly, especially in years past, the reason there were less viruses attacking MACs is because there were less MACs out there. Now, they’re grabbing a larger portion of the market share…
Jason Hartman: They become a bigger target for the bad guys.
Phil Alexander: Absolutely.
Jason Hartman: No question about it. Yeah, well good stuff. Hey, give out your website and tell people where they can learn more.
Phil Alexander: They can look at my website at www.DataPrivacyNetwork.com. I have a lot of new information there, some informational articles, and there’s also a form of how to contact Data Privacy Network and me directly if they’d like to do so.
Jason Hartman: And are you located in Phoenix? I noticed your area code.
Phil Alexander: Yes, I am located in Phoenix, Arizona.
Jason Hartman: Fantastic. Well, so am I. Well, good stuff, Phil. Hey, thanks for joining us today. And everybody out there, don’t neglect this area of your life. It deserves some attention. There’s some pretty easy things you can do and save yourself a lot of potential aggravation in the future.
Female: You know, sometimes I think of Jason Hartman as a walking encyclopedia on the subject of creating wealth.
Male: Well, you’re probably not far off from the truth, Penny, because Jason actually has a 3 book set on Creating Wealth that comes with 60 digital download audios.
Female: Yes, Jason has that unique ability to make you understand investing the way it should be. It’s a world where anything less than 26% annual return is disappointing.
Male: I love how he actually shows us how we can be excited about these scary times and exploit the incredible opportunities this present economy has afforded us.
Female: We can pick local markets untouched by the economic downturn, exploit packaged commodities investing, and achieve exceptional returns safely and securely.
Male: I also like how he teaches you to protect the equity in your home before it disappears and how to outsource your debt obligations to the government.
Female: And the entire set of advanced strategies for wealth creation is being offered at a savings of $94.
Male: That’s right. And to get your Creating Wealth Encyclopedia Series, complete with over 60 hours of audio and 3 books, just order JasonHartman.com/store.
Female: If you want to be able to sit back and collect checks every month just like a banker, Jason’s Creating Wealth Encyclopedia Series is for you.
Narrator: Thank you for joining us today for the Holistic Survival Show, protecting the people, places and profits you care about in uncertain times. Be sure to listen to our Creating Wealth Show which focuses on exploiting the financial and wealth creation opportunities in today’s economy. Learn more at www.JasonHartman.com or search “Jason Hartman” on iTunes. This show is produced by The Hartman Media Company, offering very general guidelines and information. Opinions of guests are their own and none of the content should be considered individual advice. If you require personalized advice, please consult an appropriate professional. Information deemed reliable, but not guaranteed. (Image: Flickr | DaveBleasdale)
Transcribed by Ralph