Cyber criminals in other countries and locally are getting away with stealing millions of dollars from hard-working Americans through internet thievery. However, Modesto private investigator Jon Jacobson told a Ceres Chamber of Commerce breakfast that there is much the average citizen and businessman can do to ward of identity theft and cyber extortion.
Speaking at Alfonso's Mexican Restaurant, Jacobson explained that many police departments in America are not equipped to handle the crimes being committed every day to steal money from unsuspecting victims of international cartels of cyber terrorists and thieves.
Jacobson explained how a client, a lavender farm owner in Le Grand, lost her entire data base when a hacker wiped out her hard drive after she failed to pay a $10,000 extortion demand emailed to her. Those "denial of service attacks" are becoming more and more common, especially among small businesses, he said.
"It's very common here in the Central Valley - very common with business owners because most business owners can come up with a few thousand dollars in order to not have their whole system shut down," said Jacobson. "The reality is that there is so much violent crime, police really aren't able to help. They don't have the staff. They don't have the budget. They don't have the sophistication."
Much of the cyber crime is being committed through the internet by professional hackers inside of Russian and Eastern European organized crime syndicates. "A lot of it leads to Sacramento, which is the second largest Eastern European population in America, the first one being Brighton Beach, New York."
He said some cyber theft is being committed from South America and Brazil, too.
"You might see on your credit card charges from Brazil so make sure you watch your credit card statements closely every month because you'll see charges from all around the world. I just got nailed a couple of months ago, like four grand, out of England. It's very prevalent and it's going to become more. Worldwide as the gap between the haves and have-nots increases it's going to be more and more."
Even members of the Norteno street gang are involved in cyber crime. "These guys are smart. I know. I've sat with them. And it's scary because they're organized and extremely intelligent."
A professional can make $200,000 to $400,000 a year ripping people off through the lower levels of the internet, he said, with virtually no chance of being caught.
When the crime is linked back to the native country, there is often no prosecution because of corrupt governments, he said.
While it has become harder to hack into bank accounts, professionals now hack into data bases of Americans, email the victim to demand money or else the data base will be wiped out.
Jacobson recommends people shutting down their computers while not in use to prevent the computer from being a part of the "bot nets" (short for robot networks) used to spending billions of spam emails each day. He said bot nets often go undetected by the major firewall.
"Your computer power is used in combination with hundreds of thousands of other computers to send out billions of emails a day," said Jacobson.
He also recommends protecting cell phones through the use of Silent Circle for encryption protection against hackers. The program also protects against wire taps.
"Anything you talk about on the phone is recorded. I can tell you that AT&T stores everything forever. Your texts are recorded, your PGS location data. Right now Verizon saves for three years."
He also recommends iPhones over Droid and Android phones because of the lack of regulation and security when using some flashlight applications. The Apple market is "much more secure" and thus it is nearly impossible to be hacked via the internet.
"If you have a password that's in the dictionary or a person's name - that password takes five seconds to crack."
Jacobson said the best password using a favorite song stanza abbreviated and then a favorite celebrity's birthdate. He used the example of Guns N'Rose's "Welcome to the Jungle." So he extracted from the stanza WTTJ and then added the favorite actor's birthdate.
"The chances of that being cracked are little to none."
He warned of phishing and spoofing spams designed to unwittingly extract a person's account log-on information. To ensure that bank and money websites are secure, Jacobson said look for the "s" behind http to where it starts out "https" in the URL.
Jacobson also warned about online behavior at hotels which use free Wi-Fi and where cameras may be set up to watch people's keystrokes for user names and passwords. "Free Wi-Fi comes with a cost - getting your identity stolen and the hassle of being victimized."
At the business place, he suggests that managers check the credentials of anyone coming into work, such as someone claiming to be from a cable TV company, AT&T or PG&E. It's too easy for a criminal to pose as the worker of a legitimate firm and drop a thumb drive, knowing someone will pick it up and plug it in out of curiosity sake. That thumb drive could have a program that opens the door to cyber theft by recording all key strokes.
"It may be benign but it may be somebody who wants in your system."
He also suggests vetting key employees regularly to see if they have integrity against internal theft.
Other suggestions he offered the group included:
• Shredding all sensitive documents with micro-cut shredders;
• Vetting all vendors and their employees,
• Never using CAT-5 ethernet cable;
• Doing periodic penetration audits by private investigators to see how secure the company system and employees are.
• Auditing Facebook and Twitter accounts of employees who may compromise their employers.
Forbidding employees from connecting iPhones to the company internet.