What do to if your gadgets get grabbed
I was recently in Brussels attending some meetings with members of International Consumer Research & Testing, a consortium of consumer organizations of which Consumers Union is a member. I planned to spend two days on my own after the meetings, in the medieval town of Bruges, an hour's train trip from Brussels. While on a train platform in north Brussels, I was victimized by a team of robbers who skillfully distracted me and snatched my laptop bag. Among other items, it contained my laptop, cell phone, iPod Touch MP3 player, noise-canceling headphones, and a few USB thumb drives. All gone.
While such an incident could well ruin more than just a trip, some personal practices and quick actions prevented that from happening in my case. Here's what I recommend you do if your personal electronics items are stolen on the road, with notes on what I did:
Change passwords. Fortunately, I had not put my financial files or account data on any of the stolen storage devices. I have no need to carry that info when traveling, so it resides only at home.
But the laptop did have a file from Microsoft Outlook that could conceivably be accessed by someone who was able to crack the password to log into my Windows account. (That's not difficult with hacker tools readily available for free online.) My Outlook file had a few emails and Notes that, with a bit of searching and some guesswork, might reveal login information to my online banking account. So, I went online at my hotel's internet cafe, logged in securely to my bank's website, and changed my bank account password. Just for good measure, I changed my password for my PayPal online payment account as well.
Finally, to keep the thieves from retrieving new messages, I went to my ISP's website and changed my e-mail password. I get to my company email only through a secure "VPN" web page, which scrambles everything transmitted, and doesn't save the password.
Freeze your credit reports. I also went to a credit bureau website and put a 90-day freeze on credit reports, which would presumably stop anyone trying to open an account in my name, armed with any financial info they might find on the laptop. The temporary freeze is extended to all three U.S. credit-reporting agencies.
Back up documents, even on the road. I don't keep any files or documents on my laptop that aren't backed up at home, a hedge against hard drive failure as well as theft. I did lose some meeting notes from my trip, but knew I could re-construct them from the formal minutes taken by another participant. If I had done anything that was original work, I would have emailed it to myself at my company email address, so I would have a safe copy.
Suspend service to a stolen phone. The phone I lost was useless in Europe, being a Verizon phone with only CDMA compatibility. Even so, I temporarily suspended my cell phone service (and billing) while obtaining a new phone. If I had had banking access through the phone, I would have deactivated it. My iPod was synced to iTunes on my home computer, but a new iPod will sync just as well.
The lessons learned? My new laptop will have Windows Vista Ultimate, which includes the optional "Bitlocker" feature that encrypts the entire hard drive, making it impenetrable to anyone but me. Also, I will have LoJack for Laptops, a service that can help locate and retrieve a stolen computer if a thief uses it on the Internet. And, I will split up my gadgets among my luggage. Caveat viator!
—Dean Gallea
Posted by: mike10 | Jun 3, 2008 1:45:50 PM
Re: Dean Gallea
I should have put that in my post. My over site
most criminals will not try extensively (they might only check to see if you changed the default passwords) to crack an encryption since there might only be bootlegged files on the hdd.
but if they know that the information on the hdd well fetch them good money..... corporate espionage?
ALWAYS change default password though
just some more to think about
and my thanks to Dean Gallea for clarifying my post. I did not mean to dissuade one from using encryption only to be careful
Posted by: Dean Gallea | Jun 3, 2008 10:53:29 AM
Mike10's comment is important to understand, but not to dissuade one from using encryption. In fact, the type of strong encryption used in Microsoft's BitLocker has not yet been broken, even by researchers with supercomputers. ("Breaking" encryption means getting to the information in less time than it takes to try each possible password, which in this case number 10 followed by 76 zeroes. The more obscure you make your password, the better to foil this "brute force" type of attack.) Even if it were currently possible to break this encryption, the computing resources to do it would not be available to the common criminal.
Posted by: mike10 | Jun 2, 2008 4:54:21 PM
ANY encryption no mater how strong can be broken.
it is only a mater of time hours, days, or months of work by brought force and determination
computers are getting faster and faster and since you can have more than one computer working on cracking the encryption......
come on blue-ray has bean cracked
http://en.wikipedia.org/wiki/BitLocker_Drive_Encryption#Security_concerns
just something to think about
Posted by: Dean Gallea | May 30, 2008 10:43:24 AM
Commentor Lisaweb asked about how the thieves distracted me. I learned that these teams are well-practiced, and very clever. In this case, they had first gained my "trust" by having one of the team ask about the train schedule, presumably after spotting my laptop bag next to me on the platform. They waited until a point of commotion and noise, when a train arrived on an adjacent platform, then the one who had spoken to me ran behind me towards a stairwell shouting about having to catch this train. I turned towards him (away from by bag) for a few seconds, long enough for the other team member to make off with the bag in the opposite direction. A few seconds later, I realized my bag was gone, but it was too late.
The lesson here is to never let your luggage leave your hands. The stolen bag had a shoulder strap that I could have used, even if to simply stand on it.
Posted by: Lisaweb | May 29, 2008 8:02:09 PM
What I want to know, is how did the thieves distract you? Although this is very good information you've shared, I'd much rather know how to protect myself before the fact, then afterwards.
Posted by: Dean Gallea | May 29, 2008 10:19:37 AM
Colin has a good point regarding keyloggers, which are invisible programs that capture every keystroke you type and either send them to an identity thief or save them on the PC for the thief to retrieve later. A thief can plant the program on a public terminal unbeknownst even to the owner. We've even seen keyloggers on terminals at trade show press booths.
Though rarely found on terminals in a private facility for which you have to pay a fee to use -- as was the case in my hotel -- you can examine which programs are running on the PC by pressing the Ctrl-Alt-Del key combination and launching the Windows Task Manager. A savvy user can spot a program that looks suspicious. More-stealthy keyloggers can hide even from this tactic, so if you have doubts about a PC's security, don't enter passwords on it.
Posted by: Colin | May 29, 2008 8:14:12 AM
"So, I went online at my hotel's internet cafe"
Ever hear about key loggers? I'd re-change all those passwords.
Disk encryption is your friend. If not running Vista, TrueCrypt will do full disk encryption on XP. Use FileVault on OS X. And don't forget external devices, too.
Colin