top of page

My name is Dr. Varon and I have been a victim of identity theft

It was in trying to sort out the damage that realized just how vulnerable we all are, and just how complex the topic of cybersecurity really is. Fast forward, I have learned a great deal about this and I decided to make that information available for family, friends, colleagues and patients as a resource for securing their digital life

This website is for informational purposes only

If I'm successful, then you too will become...just a little paranoid

Using a Smartphone
Quick Links
Person Checking the Phone
take control of

YOUR DIGITAL LIFE.

 

My goal is to help you realize that security is a layered process, and you can secure and lock down one layer at time at your own pace. Every bit reduces an "attack surface" where you are leaking information.

The first thing is to recognize that you are using just 3 things to represent yourself online: an email, password and phone number.

Just those 3 things gets you access to websites where you secure bank accounts, brokerage accounts, Social Security info, medical accounts and a dozen other places where you do business online.

The problem is, it's pretty easy for hackers to get that very same information to access your accounts.

assessing your

THREAT MODEL.

 

The first thing to consider is what it is you have to protect. An important place to start when defining your exposure to cyberthreats is to perform a risk assessment. People often tell me that "they don't have anything to hide, don't have anything worth taking, or don't know why anyone would target them". The reality is that it's not as much about you personally, hacking and cybersecurity is a game, unfortunately, its a game that you weren't aware you were playing and you don't know whom you're playing against. 

To see what's at stake, think about:

What would happen if you suddenly couldn't log in to your email?

How would losing access to your phone number and your text messages affect you?

What if you lost control of all your social media accounts?

Do you have a business website you need to protect? 

Do you shop online or use PayPal or Venmo?

Do you bank online or have brokerage accounts online?

Are you a student who needs to login to a university account

The next step in assessing your risk factors is to see the enormous scope of data breaches, and make note if you had an account at any one of these many companies. Next, enter your email to haveibeenpwned to see if your personal info was included in the breach. 

Data%20Cloud_edited.jpg

Many people are aware of the many big corporate data breaches and they may have even have gotten an email from Equifax, Target or Marriot that starts with "We take your privacy seriously..." which is code for "We were hacked, we're not sure when, we lost your personal information, we're sorry, and we're working to figure out how bad it is".

For many data breaches, the full name of the client, the account number along with

the username and password are the the most commonly stolen pieces of information,

and for good reason, they are very valuable on the dark market because they are

used for a tactic called Credential Stuffing.

In the 2017 Equifax breach, hackers accessed the records of

148 million US consumers’ personal data, including:

  • Full names

  • Birth dates

  • Addresses

  • Social Security Numbers

  • Driver license numbers

And for 209,000 consumers, credit card numbers were also stolen.

Although data breaches are probably the number one way that information gets compromised, Google Search for yourself and you will be shocked at how much personal information is available about you, much of it for free.

If someone else has all that information on you to establish an identity, then the only thing separating you from them is your government issued ID and you being present in person. Someone can even lock down your accounts such as the IRS and SSA

just a little

paranoid

bottom of page