Good Security Advice- GPSs and Cell Phones

[njedpx3]

I know Adam just got a new GPS so I wanted to pass it on to him and others.
I use my dog’s name for my Home phone number.

This gives us something to think about with all our new electronic
technology.

GPS
A couple of weeks ago a friend told me that someone she knew had
their car broken into while they were at a football game. Their car was
parked on the green which was adjacent to the football stadium and
specially allotted to football fans. Things stolen from the car included
a garage door remote control, some money and a GPS which had been
prominently mounted on the dashboard.

When the victims got home, they found that their house had been
ransacked and just about everything worth anything had been stolen.

The thieves had used the GPS to guide them to the house. They then
used the garage remote control to open the garage door and gain
entry to the house. The thieves knew the owners were at the football
game, they knew what time the game was scheduled to finish and so
they knew how much time they had to clean out the house. It would
appear that they had brought a truck to empty the house of its contents.

Something to consider if you have a GPS - don't put your home
address in it. Put a nearby address (like a store or gas station) so you
can still find your way home if you need to, but no one else would know
where you live if your GPS were stolen.

MOBILE PHONES
I never thought of this.......

This lady has now changed her habit of how she lists her names on
her mobile phone after her handbag was stolen. Her handbag, which
contained her cell phone, credit card, wallet... Etc...was stolen.

20 minutes later when she called her hubby, from a pay phone telling
him what had happened, hubby says 'I received your text asking
about our Pin number and I've replied a little while ago.'

When they rushed down to the bank, the bank staff told them all the
money was already withdrawn. The thief had actually used the stolen
cell phone to text 'hubby' in the contact list and got hold of the pin
number. Within 20 minutes he had withdrawn all the money from their
bank account.

Moral of the lesson:
Do not disclose the relationship between you and the people in
your contact list.

Avoid using names like Home, Honey, Hubby, Sweetheart, Dad,
Mom, etc....

And very importantly, when sensitive info is being asked through texts,
CONFIRM by calling back.

Also, when you're being text by friends or family to meet them
somewhere, be sure to call back to confirm that the message came
from them. If you don't reach them, be very careful about going places
to meet 'family and friends' who text you.

Peace and Be Secure,

Forest Man

 

[droht]

OT here, but wanted to respond to your locked thread about terrorists and dry run, where I gave you a red chiclet with no explanation. Sorry about that, I figured it was obvious, as you even mentioned it in the preamble to the wonderfully informative story you posted. The post was as trolly and spammy as they come. Another poster had it nailed in that thread; I won't belabor it, just wanted to respond to you. The nice thing is that I now have negative rep points (since your thread). I guess the right-leaning administration has had their say, though I can't really tell as this is mostly all anonymous.

As for this thread, I read those stories a while back. I promptly changed the address in my GPS to my next door neighbor's house. Pretty smart of me, huh? Of course when the thieves hit the garage door opener my door will still open...

 

[aberkowitz]

The snopes take on both of these emails:

http://www.snopes.com/crime/intent/gps.asp

http://www.snopes.com/fraud/telephone/pintheft.asp

Personally, I think the second one is much more likely to be total BS for a couple reasons. First, even if you have a joint bank account each card issues has its own PIN number. I can tell you that for the one joint account I have with my wife, I don't even know her PIN. Now while it's possible that two people could encode the same PIN for each of their cards, nobody would ever refer to it as "our PIN number." Second, almost all ATMs have specific limits on how much cash you can take out in a day, and many banks have the same limit on their accounts. While it's totally possible that these people had only $500 in their account, it's very unlikely that you could be totally wiped out by such activity.

While all of the pieces and what-ifs could possibly happen, as per Snopes this particular story has been circulating around the net since 2006... with no actual news stories to support the claim, making it highly unlikely that it actually happened.

 

[MinusTheBear]

Those stories sound like something you get in your email with Fwd Fwd Fwd Fwd. Anyways like anything in life, using common sense and not being a total idiot (in this case leaving your house unlocked, giving out your PIN #) go a long way...

 

[njedpx3]

Don't believe everything you read in Snopes

The snopes take on both of these emails:

http://www.snopes.com/crime/intent/gps.asp

http://www.snopes.com/fraud/telephone/pintheft.asp

Personally, I think the second one is much more likely to be total BS for a couple reasons. First, even if you have a joint bank account each card issues has its own PIN number. I can tell you that for the one joint account I have with my wife, I don't even know her PIN. Now while it's possible that two people could encode the same PIN for each of their cards, nobody would ever refer to it as "our PIN number." Second, almost all ATMs have specific limits on how much cash you can take out in a day, and many banks have the same limit on their accounts. While it's totally possible that these people had only $500 in their account, it's very unlikely that you could be totally wiped out by such activity.

While all of the pieces and what-ifs could possibly happen, as per Snopes this particular story has been circulating around the net since 2006... with no actual news stories to support the claim, making it highly unlikely that it actually happened.

DON'T BELIEVE EVERYTHING YOU READ IN SNOPES.

A couple of things to be aware of:

Many car's with GPSs and even portable GPPsa has a home address programmed in; and in atolen car a person could easily find your house.

Many people programe an entry into their cell phone called "HOME" and it is fairly easy to call and find if a person is at home. Then to do a reverse look-up on the phone number and find the house/apartment address. Robberies do take place along then lines very frequently.

It is laso good not to leave portables and other HT equipment visible in your car, unless it is Bose , because it taunts the thief to break-in.

Granted the email was probably a little embelished ,as my :friend" who goes around the battlefield shooting the wounded, has already pointed out, but none-the-less people do not take the security of portable electronic devices seriously enough. I don't know around your neck of the woods, but in my neighborhood the crime rate has gone up significantly as the unemployment rate has risen. And then again maybe I am more paranoid than most because of my previous background in IT Security and CFATS and the fact that I am involved in our homeowner's security and incident reporting. Some seicurity issues are hoaxes and some are very real. Sometimes it takes a little story or two too really open people's eyes.

Peace and Security,

Forest Man

 

[aberkowitz]

DON'T BELIEVE EVERYTHING YOU READ IN SNOPES.

I agree that Snopes is not an end-all, be-all of sources... but they do source each entry back to the original email they received regarding the subject. As I mentioned, in the case of the ATM pin being stolen, that's been passed around the web since 2006 with zero corroborating news headlines to back it up. That's why I believe that story is a load of BS.

As for the GPS story, there are actually a number of headlines (particularly from the Detroit area) that back this claim up within the past several months, and Snopes classified the story as "Partly True". They do make a very interesting point- most common criminals generally prefer low-tech solutions to high-tech solutions. That said, it is always a good idea to lock up your valuables in a car and not leave anything in plain site, particularly at a public place like a mall or a sporting event.

 

[highfigh]

Personally, I think that forgetting a PIN means that person shouldn't have one and should never be entrusted with sensitive information. Texting this kind of info is risky at best, and stupid, at worst. Same goes for e-mailing any kind of password, user name, PIN, safe words or details that shouldn't be made public- e-mails are simple text and there's no encryption at all.

That said, thieves can be pretty resourceful. My aunt & uncle had a neighbor who went to a Milwaukee Brewers game and when they got back, their BBQ grill was missing. It was returned a few days later, with 4 Brewers tickets taped to it. Guess what happened when they went to the game. This was years ago, too.

Leaving anything of value in a car is just stupid. If it's loose, it needs to go inside or be taken with the driver. To think a thief cares that it requires breaking a window to get them is completely oblivious to what happens in the world.

 

[CaliHwyPatrol]

You guys know the N in PIN stands for "number" right? Just checkin'

 

[adwilk]

You guys know the N in PIN stands for "number" right? Just checkin'

Don't you need your personal identification number number to withdraw money from an automated teller machine machine...?

 

[10010011]

So do you post every scary email spam you receive?

Never mind, everything else I said has already been said...

I need to start reading entire threads before I post,

 

[highfigh]

Don't you need your personal identification number number to withdraw money from an automated teller machine machine...?

Only if you work for the Department of Redundancy Department.

 

[njedpx3]

My password is all astericks

Only if you work for the Department of Redundancy Department.

You know about the guy who was so miffed by the astericking out his password that he made it all astericks.
====

Hacker: "Hello, I an from customer service and there has been a reported problem on your terminal connection and we are here to fix it"

User: "Okay, thanks for helping me"

Hacker:" Okay I need you to logoff and then log back on and each time you hit a key tell me so we can check and make sure the key strokes are coming through correctly"

User: " Okay, I am logged off ani am logging back on here are the key strokes U-S-E-R-I-D P-A-S-S-W-O-R-D"

Hacker: " We see the keystrokes coming through exactly as you typed them. It looks like we have fixed the problem"

User: "Oh, Thank you so much"
====
Be careful anything too good to be true isn't true.

Peace,

Forestr Man

 

[Adam]

Well, I'd like to thank Forest for posting the one about the GPS. Whether the story is true or exaggerated, it's still a good point and good advice to use a nearby store.

I did make sure that the GPS coordinates on the display weren't for my house when I posted pictures on Amazon yesterday.

 

[njedpx3]

So do you post every scary email spam you receive?

Never mind, everything else I said has already been said...

I need to start reading entire threads before I post,

Hey 10010011 sorry, I won't post any more ... spam type threads.

Peace,

Forest Man

 

[Alex2507]

I did make sure that the GPS coordinates on the display weren't for my house when I posted pictures on Amazon yesterday.

I wish you'd a told me that before I overflowed my diaper waiting for a guy with a white dog.

 

[Adam]

I wish you'd a told me that before I overflowed my diaper waiting for a guy with a white dog.

I wondered why you weren't hear tonight when I got back. I figured that it was the weather.

 

[Alex2507]

I wondered why you weren't hear tonight when I got back. I figured that it was the weather.

It's real shitty out.

 

[Adam]

It's real shitty out.

You and your fantasies...

 

[njedpx3]

It's real shitty out.

Man that is great new's Alex, that means the back-ordered grinder pump for my cabin came in. .... pressurized sh*t
will FLOW


Peace,

Forest Man

 

[highfigh]

You know about the guy who was so miffed by the astericking out his password that he made it all astericks.
====

Hacker: "Hello, I an from customer service and there has been a reported problem on your terminal connection and we are here to fix it"

User: "Okay, thanks for helping me"

Hacker:" Okay I need you to logoff and then log back on and each time you hit a key tell me so we can check and make sure the key strokes are coming through correctly"

User: " Okay, I am logged off ani am logging back on here are the key strokes U-S-E-R-I-D P-A-S-S-W-O-R-D"

Hacker: " We see the keystrokes coming through exactly as you typed them. It looks like we have fixed the problem"

User: "Oh, Thank you so much"
====
Be careful anything too good to be true isn't true.

Peace,

Forestr Man

Or, "I hurt my hand and I'll need to spell it for you- B-I-T-E-M-E-N-O-W-1-2-3"

Anyone calls me and tells me that I have a computer problem isn't going to get any info from me. First thing I do when I see a security problem is turn off the wireless and unplug my phone line from the gateway so I can diagnose it using my desktop computer. If I get their phone number, I give it to the brother of a friend, so he can look into it. He's with the DEA.