
Last name: Siciliano
First name: Robert
Blog URL: http://IDTheftSecurity.com
Biography: ROBERT SICILIANO, CEO of www.IDTheftSecurity.com, is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. In continuing the trend of providing the most up-to-date and useful digital security tips, JustAskGemalto has partnered with well-known digital security expert, Robert Siciliano, to discuss hot trends and share real-life stories, experiences and tips for consumers around online safety. Siciliano will be a contributor to the JustAskGemalto blog discussing a variety of topics ranging from identity theft to personal online security as well as best practices for maintaining a great digital lifestyle. Robert Siciliano seeks to reach people across the United States and share his knowledge and experiences with them so that consumers can enjoy and get the most out of the technology used every day in a safe and convenient way. He has become a trusted source with executives within leading corporations and provides straightforward information they need to confidently manage their own personal security online. Siciliano is currently a contributor to the Huffington Post and has been featured as a digital security expert on major media outlets such as CNN, MSNBC and The Today Show. For more information on Robert Siciliano, visit www.IDTheftSecurity.com or he can also be found on Twitter.
If you aren’t in the habit of backing up your data, you might assume that it’s difficult or tedious. But I’ve got news for you: it’s easy-peasy. Nowadays, backing up is a complete no-brainer.
There are many backup options. New PCs often come bundled with backup options included in the “bloatware.” Microsoft Windows 7 comes with “Windows Restore/Back Up” accessible via the Control Panel, and Macs offer a backup option called Time Machine. You can buy an external hard drive to copy your files to, or invest in a remote backup service.
I suggest backing up twice on local drives and once in the cloud.
Cloud backup options include Mozy, McAfee, and Carbonite.
Mozy online backup costs $6 per month to back up 50 gigabytes of data on one computer, or $110.00 a year for 125 gigabytes on up to three computers. Mozy offers an easy-to-use interface and quick, effortless backups of every file type, including files on external drives. If you have over 110 gigabytes, though, it gets pricey.
McAfee online backup costs $5 per month, and works exactly like Mozy, except that as of this writing, users receive unlimited backup for that $5 monthly fee.
Carbonite online backup offers unlimited storage from one computer for under $5 per month. Carbonite is inexpensive with an easy-to-use interface that allows you to access your data via an iPhone app, which is very cool. Unfortunately, Carbonite won’t back up external drives, backing up certain media, like videos, is slow, and you have to manually check your folders to make sure everything has successfully been backed up. Also, certain files, like software programs with a variety of unusual file extensions, have to be zipped beforehand, since Carbonite won’t back up the individual files with odd extensions.
My 200-gigabyte C: drive came built into my PC as the main operating system drive. My E: drive is a secondary 2TB drive installed in the slot most PCs provide for a second drive. And I have a 2-terabyte external drive, my F: drive, which I keep running 24/7. I paid $80.00 for a 2TB E: drive and $104.00 for a 2TB external drive. I also have unlimited cloud-based backup, which is accessible for $60 a year. And for $20, I’ve installed Goodsync.
All my data is stored on my E: drive, filling more than three quarters of the 2-terabyte internal drive. Drive E is my primary data drive, and gets backed up to the cloud and synced to the external 2-terabyte F: drive. Goodsync automatically syncs my internal E: drive and external F: drive every two hours. I do this because, while all my data is stored in the cloud, if my internal drive does crash, downloading it all would be a chore, plus, I’d need a drive to download it to, anyway.
The cloud is ideal for mitigating major catastrophes, like fires, but not practical for accessing data on a daily basis.
That’s it. Two local backups and one cloud-based backup. Do it today. It’s easy-peasy.
Robert Siciliano is a personal security expert contributor to Just Ask Gemalto. (Disclosures)
The day when your wallet becomes a relic, like an 8-track tape, isn’t here quite yet. But we are getting close.
Thinning out your wallet isn’t just nice for your pants pocket. It’s also a good way to minimize your risk for identity theft, should your wallet ever be lost or stolen. As long as you’re keeping your smartphone safe and secure, the following mobile payment options offer safe, convenient alternatives to traditional payments.
Mint: Personal finance tools from Mint.com help you track, budget, and manage your money while you’re on the go. Sign up for a free Mint.com account, add your online banking and credit card accounts, and access your personal finances, all from your iPhone. One cool feature Mint offers is optional alerts for any high-dollar transactions.
Square: This application and free credit card reader allow users to accept credit cards via iPhone, iPad, or iPod touch without a contract, monthly fees, or merchant account required. You can become your own merchant with this truly amazing app, which is ready to take payments within minutes of downloading. This can be handy when splitting a dinner check with a group in which everyone has a credit card, but no cash.
KeyRing: Never carry plastic or paper loyalty, membership, or library cards again! You can save time, space, and money by storing cards and coupons on your phone, so you’ll never miss a discount at the point of sale again. I especially like that KeyRing fully backs up your credit and store cards. Not every merchant is ready to accept a digital card at this point, but many are, and the number is increasing.
PayPal: Send money to your friends, manage your account, and more with the PayPal app. It’s free, secure, and more convenient than going to an ATM, writing checks, or sending gifts the traditional way.
I haven’t listed my bank’s application because they don’t currently offer mobile check deposit. But if your bank does, add them to the list, because that’s cool.
Robert Siciliano is a personal security expert contributor to Just Ask Gemalto. (Disclosures)
As more online retailers introduce mobile ecommerce applications, criminal hackers are taking notice. Existing mobile operating systems are under attack and, like standard PC operating systems, they sometimes fail to provide the necessary security to support a payment application.
Current research is primarily geared towards securing mobile payments, but there is a lack of coordination between mobile payment developers, device manufacturers, and mobile operating system platform developers. Hackers are taking advantage of the loophole created by this lack of coordination.
Mobile phone spyware has been a concern for years. Legitimate software companies sell mobile phone spyware that allows the user to monitor a spouse, kids, or employees. And criminals deploy mobile phone spyware, as well.
Beijing-based mobile security services firm NetQin Technology reports that an application called Xwodi, which allows third parties to eavesdrop on cell phone conversations, has infected more than 150,000 phones in China. Apparently, the malware targets mobiles running the Symbian platform, and monitors phones by silently activating the conference call feature or microphone.
One security company, Trusteer, informed The New York Times, “Mobile users are three times more likely to fall for phishing scams than PC users…because mobile devices are activated all the time, and small-screen formatting makes the fraud more difficult to spot.” In the same article, another mobile security firm, Lookout, claimed that in May 2010, 9 out of 100 phones scanned for malware and spyware were infected. That’s up from 4 out of 100 infected phones in December 2009.
Protect yourself by refraining from clicking links in text messages, emails, or unfamiliar webpages displayed on your phone’s browser. Set your mobile phone to lock automatically and unlock only when you enter a PIN. Consider investing in a service that locates a lost phone, locks it, and if necessary, wipes the data, as well as restoring that data on a new phone. Keep your phone’s operating system updated with the latest patches, and invest in antivirus protection for your phone.
Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses spyware on FOX Boston. (Disclosures)
More consumers than ever before are buying smartphones. A smartphone is an Internet-enabled mobile phone with the ability to purchase and run applications. Smartphones are generally equipped with voice, data, Wi-Fi, Bluetooth, and GPS functions. Operating systems include Google’s Android, Apple’s iOS and Windows’ Mobile 7. Most function on a 3G wireless connection and can switch to Wi-Fi when it’s available. Newer models are being built to accommodate the upcoming nationwide deployment of 4G wireless networks.
“Worldwide mobile phone sales to end users totaled 417 million units in the third quarter of 2010, a 35 percent increase from the third quarter of 2009, according to Gartner, Inc. Smartphone sales grew 96 percent from the third quarter last year, and smartphones accounted for 19.3 percent of overall mobile phone sales in the third quarter of 2010.”
In the U.S., there are 293 million cell phone subscribers and cell phone penetration is over 93%. In 2010, more than one in four households had cell phones and no landlines, which is an increase of 2.1% over 2009. Almost one in six households use cell phones exclusively, despite having a landline. Worldwide, there are 5 billion smartphones in use.
The number of mobile broadband subscriptions surpassed the half billion mark in 2010, and in 2011 broadband subscriptions are expected to exceed one billion. As more and higher speed networks are built, more consumers will gravitate toward the mobile web. Smartphone users are downloading billions of apps and spending millions via mobile payments. In fact, for the younger generation, smartphones are used for a majority of ecommerce transactions. Many of these people haven’t been inside a bank in years!
Taking Security Measures.
As more people switch to smartphones, mobile security concerns increase. Here are a few reminders to help keep your data secure on your phone:
1) Use a PIN to lock your phone: 55% of consumers do not use a PIN to lock their phones. Mobile content is especially vulnerable to hackers and thieves.
2) Don’t store banking passwords on your phone: 24% of consumers store computer or banking passwords on their smartphones. 40% of consumers say losing their phone would be worse than losing their wallet, and two million mobile phones are lost or stolen every year. That’s one every fifteen seconds.
3) Register for a service that can remotely locate, access and wipe your phone: There are services that can remotely access a lost phone, pinpoint its location, and, if necessary, wipe the data from the phone. Now is the time to consider investing in one, before you lose your phone.
Robert Siciliano is a personal security expert contributor to Just Ask Gemalto. (Disclosures)
“Vishing” occurs when criminals call victims on the phone and attempt to lure them into divulging personal information that can be used to commit identity theft.
The name comes from “voice,” and “phishing,” which is, of course, the use of spoofed emails designed to trick targets into clicking malicious links. Instead of email, vishing generally relies on automated phone calls, which instruct targets to provide account numbers.
Vishing techniques include:
Wardialing: This is when the visher uses an automated system to call specific area codes with a message involving local or regional banks or credit unions. Once someone answers the phone, a generic or targeted recording begins, requesting that the listener enter bank account, credit, or debit card numbers, along with PIN codes.
VoIP: Voice over Internet Protocol, or VoIP, is an Internet-based phone system that can facilitate vishing by allowing multiple technologies to work in tandem. Vishers are known to use VoIP to make calls, as well as to exploit databases connected to VoIP systems.
Caller ID Spoofing: This is the practice of causing the telephone network to display a false number on the recipient’s caller ID. A number of companies provide tools that facilitate caller ID spoofing. VoIP has known flaws that allow for caller ID spoofing. These tools are typically used to populate the caller ID with a specific bank or credit union, or just with the words “Bank” or “Credit Union.”
Social Engineering: Social engineering is a fancier, more technical form of lying. Social engineering (or social penetration) techniques are used to bypass sophisticated security hardware and software. The automated recordings used by vishers tend to be relatively professional and convincing.
Dumpster Diving: One time-tested “hack” is simply digging through a bank’s dumpster and salvaging any lists of client phone numbers. Once the visher has the list, he can program the numbers into his system for a more targeted attack.
To protect yourself from these scams, educate yourself. Knowledge is the key to defending yourself from vishing. The more you understand it, the better off you’ll be, so read up on vishing incidents, and if your bank provides information about vishing online or in the mail, sit up and pay attention. As this crime becomes more sophisticated, you’ll want to be up to date.
If you receive a phone call from a person or a recording requesting personal information, hang up. If the call purports to be coming from a trusted organization, call that entity directly to confirm their request.
Don’t trust caller ID, which can be tampered with and offers a false sense of security.
Call your bank and report any fraud attempts immediately. The sooner you do, the more quickly the scam will be squashed.
Document the call, noting what was said, what information was requested, and, if possible, the phone number or area code of the caller, and report this to your bank.
Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses scammers and thieves on The Big Idea with Donnie Deutsch. (Disclosures)
Cybersquatting, simply put, is the act of procuring someone else’s trademarked brand name online. The Anti-cybersquatting Consumer Protection Act, a U.S. federal law enacted in 1999, describes cybersquatting as registering, trafficking in, or using a domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else.
Cybersquatters squat for many reasons. Some squat for fun or because they like the brand or name, while other squatters use the domain to advertise competitors’ wares, or for stalking, harassment, or outright fraud. Most cybersquatters offer to sell the domain at an inflated price to the person or company who owns the trademark contained within the domain name.
In particularly malicious cases of cybersquatting, identity thieves use a domain similar to that of a bank or other trustworthy entity in order to create a spoofed website for phishing. If the desired domain isn’t available, typosquatting is the next best option. After Annualcreditreport.com launched, more than 200 similar domains were quickly snapped up.
Computerworld discussed the havoc that cybersquatting can wreak on a brand’s reputation. Sometimes, criminals copy a brand’s entire website in order to collect usernames and passwords from unwitting visitors. The hackers then test those names and passwords on other websites. Cybersquatting increased by 18% last year, with a documented 440,584 cybersquatting sites in the fourth quarter alone, according to MarkMonitor’s annual Brandjacking Index report.
I’ve written before about the time I was accused of cybersquatting. I wasn’t, I swear! I bought myself some domains in the early 90’s, way before cybersquatting was illegal. I sold some, and regrettably gave up some others. And there was one that will haunt me until the day I die. I owned LedZeppelin.com for five or six years. Led Zeppelin was and is my favorite band, and as a fan, I bought the domain as a keepsake. I would get emails from people all over the world, saying things like, “I am Paulo from Brazil, I love the Led Zep!”
With cybersquatting on the rise, it makes sense to claim your name, your brand name, and your kids’ names as soon as possible. There are numerous new domain extensions coming out all the time. Dot Co recently launched without much fanfare, but it creates a new opportunity for criminals to hijack your brand. I just snagged “siciliano.co.” So go get your domain before the bad guy does!
Robert Siciliano, personal security expert contributor to Just Ask Gemalto, discusses hackers hacking social media on Fox Boston. Disclosures


