Preventing Inside Jobs, Keeping Inside Hackers – Out

Robert Siciliano Identity Theft Speaker and Expert

Are you familiar with a “Logic Bomb”? This is a brilliant piece of code, a virus, designed for destruction. The goal of a logic bomb is to disable existing systems that may monitor data, protect it, back it up or access it. A logic bomb is designed to multiply like any virus and spread throughout a network multiplying its effects.

An example from a Wall Street Journal story describes an employee at Fannie Mae who, knowing he was about to be fired, committed an act of workplace violence by installing a logic bomb set to detonate almost 3 months after his departure. The detonation would have taken the organization offline for almost a week and cost millions and millions of dollars.

In this true crime story, an observant programmer who was still employed noticed the code and disabled it before the damage could be done.

Think for a moment about your home/flat/apartment and how you would break in if you lost your keys. And if a burglar knew what you knew about where you hide and store your stuff. How much damage could he do, knowing what you know? Insiders pose the same problem. They know the ins and outs of all systems in place and can wreak havoc on your operation while they are employed and sometimes after they are let go.

The problems begin when we put people in a trusted place. They are granted access because it is their job to perform certain duties, and the access they are granted is carte blanche. Ultimately this is a people problem and needs to be addressed that way.

1. Limited Sources; only grant access to a few trusted sources. Minimize the number of staff who have access to whatever systems are in place.

2. Due Diligence; in the information age, our lives are an open book. Background checks from information brokers are very necessary. Not doing a background check increases your liability. A person previously convicted of a crime just might do it again.

3. Limit Access; even a good apple eventually can go bad. By restricting the access to even those who are in a trusted position, in the event they turn sour, they can only do limited damage.

4. Defense in Depth; audit, audit, audit. This is all about checks and balances. Separation of powers. Multiple layers of authorization. We’ve all watched the movie where in order to launch the missile there were 2 keys held by 2 people, who pressed 2 buttons in order for the missile to launch. Put systems in place that facilitate someone always watching over someone’s shoulder. This way the bad apple can’t hide or execute their malicious intent.

5. Prosecute the Guilty; in the event of a breach of trust, make an example of the person that others won’t forget. Public hangings set a strong deterrent.
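
Items 1, 3 and 4 above (a short access list, limited access, and two-person authorization with auditing) can be enforced in software rather than left to policy. The Python below is an added example, not from the original article; the `DualControlGate` class, the user names and the change IDs are hypothetical.

```python
import hashlib
import json


def _digest(entry):
    """SHA-256 over every field of an audit entry except its own digest."""
    body = {k: v for k, v in entry.items() if k != "digest"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


def verify_log(log):
    """True only if no entry was altered, reordered or cut from the middle.

    Truncation from the tail is detectable only if the latest digest is
    also kept somewhere the insider cannot write.
    """
    prev = "0" * 64
    for entry in log:
        if entry["prev"] != prev or entry["digest"] != _digest(entry):
            return False
        prev = entry["digest"]
    return True


class DualControlGate:
    """Release a privileged change only after two distinct, authorized
    reviewers, neither of them the author, have approved it."""

    REQUIRED_APPROVALS = 2

    def __init__(self, authorized):
        self.authorized = set(authorized)  # the short list of trusted staff
        self.pending = {}                  # change_id -> author and approvers
        self.audit_log = []                # hash-chained record of decisions

    def _audit(self, actor, action, change_id, allowed):
        # Every decision, allowed or denied, is chained to the previous one.
        prev = self.audit_log[-1]["digest"] if self.audit_log else "0" * 64
        entry = {"actor": actor, "action": action, "change": change_id,
                 "allowed": allowed, "prev": prev}
        entry["digest"] = _digest(entry)
        self.audit_log.append(entry)
        return allowed

    def submit(self, author, change_id):
        ok = author in self.authorized and change_id not in self.pending
        if ok:
            self.pending[change_id] = {"author": author, "approvers": set()}
        return self._audit(author, "submit", change_id, ok)

    def approve(self, approver, change_id):
        change = self.pending.get(change_id)
        ok = (change is not None
              and approver in self.authorized
              and approver != change["author"])  # no self-approval
        if ok:
            change["approvers"].add(approver)    # a repeat adds nothing
        return self._audit(approver, "approve", change_id, ok)

    def revoke(self, user):
        """Offboarding: remove access, cancel the user's pending changes
        and withdraw approvals the user gave to other people's changes."""
        self.authorized.discard(user)
        for change_id in list(self.pending):
            change = self.pending[change_id]
            if change["author"] == user:
                del self.pending[change_id]
            else:
                change["approvers"].discard(user)
        return self._audit(user, "revoke", None, True)

    def can_deploy(self, change_id):
        change = self.pending.get(change_id)
        ok = (change is not None
              and len(change["approvers"]) >= self.REQUIRED_APPROVALS)
        return self._audit("system", "deploy-check", change_id, ok)


if __name__ == "__main__":
    gate = DualControlGate({"alice", "bob", "carol", "dave"})  # constructed names
    gate.submit("dave", "chg-1")
    print("self-approval allowed:", gate.approve("dave", "chg-1"))
    gate.approve("alice", "chg-1")
    print("deployable with one key:", gate.can_deploy("chg-1"))
    gate.approve("bob", "chg-1")
    print("deployable with two keys:", gate.can_deploy("chg-1"))
    gate.revoke("dave")  # author leaves: pending work is cancelled
    print("deployable after author revoked:", gate.can_deploy("chg-1"))
    print("audit log intact:", verify_log(gate.audit_log))
```
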

It is human nature to trust each other. We are raised to be civil towards one another and to respect those in authoritative positions. It takes a significant amount of trust in your fellow human being to drive down the street while cars are heading toward you only separated by a thin painted line. Without trust we wouldn’t get out of bed in the morning.

This explains why we are completely beside ourselves when someone in whom we have placed our faith and trust deceives us. A week doesn’t go by without us reading that a local girls’ soccer team coach was preying upon his underage team members. And we are still shocked.

Throughout our lives, and especially lately, we have observed government officials, CEOs from major corporations down to front line staff and many others who have been put in positions of trust, who ultimately deceived. Putting someone in a trusted position, without checks and balances can lead to utter destruction, and is liable and irresponsible.

Robert Siciliano Identity Theft Speaker and Expert; video discussing background checks

Unlucky in Love? Feb. 13th is Your Lucky Day!

Hi,
Lisa Daily, friend and colleague, wrote a great book “How to Date Like a Grown-Up: Everything You Need to Know to Get Out There, Get Lucky, or Even Get Married in Your 40s, 50s and Beyond” and featured me and my tips on safe dating both online and off.

Buy it!

If you’ve been unlucky in love (or just not lucky enough), Friday, February 13th will be your lucky day.

Why? If you buy How to Date Like a Grown-Up: Everything You Need to Know to Get Out There, Get Lucky, or Even Get Married in Your 40s, 50s and Beyond (written by my friend, bestselling author Lisa Daily) today at Amazon.com, you’ll get more than $800 worth of free bonus gifts.

How’s that for a Valentine’s Day present?

How to Date Like a Grown-Up offers realistic, counterintuitive advice that will help you finally find the relationship you deserve, including: where and how to meet better men, 5 easy tips to chat up any stranger, what you may be doing to make yourself a magnet for losers, little-known secrets to dramatically improve your dating odds, and the one simple thing you can do in the bedroom to make a man speed up his marriage proposal. (It’s not what you think!)

For today only, you can get an online goodie bag worth $800 when you purchase How To Date Like a Grown-Up: Everything You Need To Know To Get Out There, Get Lucky, or Even Get Married in Your 40s, 50s and Beyond. (It’s about $12 at www.Amazon.com)

For details and a complete listing of all the goodie bag items, which includes a free T-Tapp exercise video download (lose 2 sizes in 30 days!), free dating site membership, a collection of fantastic audio downloads, sneak peek chapters of not-yet-released books from bestselling authors, and lots of other goodies, check out www.lisadaily.com/swagbag

Here are some of the bonuses you’ll receive if you purchase HOW TO DATE LIKE A GROWN-UP today!

Purchase HOW TO DATE LIKE A GROWN-UP today and you’ll receive:

* $5 OFF (20%!) THE FABULOUS MAN-MAGNET PARFUME GLACé (www.HerbanAvenues.com)

* Free exclusive T-Tapp exercise video download from Teresa Tapp (Lose 2 sizes in 4 weeks!)

* Two months FREE membership at Cupid.com, the premier online dating site. (www.cupid.com)

* 7 THINGS EVERY WOMAN MUST KNOW TO PROTECT HERSELF ONLINE EXCLUSIVE AUDIO DOWNLOAD
Lisa Daily interviews Robert Siciliano of www.IDTheftSecurity.com about the key things every woman must know to protect herself from online predators.

* Two Free Chapters From FOCUS ON THE GOOD STUFF Bestselling Author Mike Robbins (www.focusonthegoodstuff.com )

* A collection of 5 hilarious essays and 5 audio downloads from humor writer Lisa Earle McLeod, author of Forget Perfect and Finding Grace When You Can’t Even Find Clean Underwear (www.forgetperfect.com)

* Free audio and video access to the Wealthy Girl Summit (www.beawealthygirl.com)

* Free Excerpt and audio programs of Aging Backwards: Secrets to Staying Young

* Your 2009 Shoe Personality Predictions from Donna Sozio

* Free copy of Letters From Friends e-book –by Emily McKay

* Sneak peek of UNPREDICTABLE by the hilarious Eileen Cook (www.eileencook.com)

* Sneak preview of SWEET LIFE by bestselling author Mia King (www.miaking.com)

* Excerpt of SLEEPING WITH WARD CLEAVER by bestselling author Jenny Gardiner (www.jennygardiner.net)

* FREE The Daughter-in-Law Rules eBook (www.thedilrules.com)

* $500 OFF YOUR TUITION TO THE DREAMGIRL ACADEMY WEEKEND SEMINAR

To get your free bonuses worth more than $800, purchase How to Date Like a Grown-Up before 12 midnight PST TODAY at Amazon.com (where it’s currently bargain-priced under $12) and email your receipt to swagbag@lisadaily.com.

The reviews so far:

“Witty and smart, this is a must-read for any woman ready to find Mr. Right. Or at least Mr. Right Now.”
–Christopher Hopkins, Oprah’s Makeover Guy and author of Staging Your Comeback: A Complete Beauty Revival for Women Over 45

“This is for every woman who’s come to the realization, ‘This is a different world, I’m a different person, and I’m not doing things the same old way.’”
–Lisa McLeod, Buffalo News, author of Finding Grace When You Can’t Even Find Clean Underwear

“Not only is Lisa Daily absolutely hilarious, but she gives the best advice! Read, laugh, enjoy, but do what she suggests because her advice is spot on!”
-Jennifer Muscato, E! News

Tech Executives Are The New Sexy

Robert Siciliano Identity Theft Expert – Speaker

Not too long ago the CIO was a pocket protected, sugared up, soda pop drinking, potato chip eating, caffeinated, non sociable…..well….geek. Not anymore. But you knew that. Seriously, geek is getting even more sexy, stripper pole sexy. A familiar story: a colleague of mine built a tech startup, and it has gone from $4 million to $175 million in 3 years. He tells me behemoth tech companies literally send scantily clad hotties to his office weekly, making numerous offers he has to refuse. He’s married, and he has a board of directors that won’t sell.

Companies not so flush with cash and armed with solutions that actually work are holding back and not selling out because they are undervalued due to the economic crisis. What compounds their pain is that retailers and others who need their technology aren’t buying. It astonishes me that with the amount of data breaches over the past year alone, companies aren’t making the necessary investments.

I see struggling companies offering technologies including identity theft protection, data security that prevents data breaches, defending against criminal hackers from the inside and out, biometric solutions and credit card fraud prevention using multi-factor authentication, all solutions yet to be widely implemented. Solutions that work!

This kind of cost cutting has put the attention on the CIO. Budget cuts have put the CIO front and center.

CIOs are benefiting big time from the current climate. Sure, many have a much bigger workload, but the chief information officer has become an attractive and strategic financial asset.

The CIO is now very in demand. High tech jobs are some of the most recession proof. While tech is their “job”, they have become go-to-gurus for security, and now for corporate strategy and long term company objectives.

Cost cutting often spurs innovation. Who better to turn to than the CIO who knows what works, and, deals with whiny co-workers when stuff doesn’t work. These are people that generally know what goes on in every nook, cranny and crawl space of the facility and know what is a waste and what streamlines productivity.

If you’re not already, tap your CIO for strategic initiatives and they may have something sexy to say.

Great article by Jon Fortt Here

Completely unrelated distraction of a video of credit card skimming Here

Identity Theft Expert and MyLaptopGPS: Computer Security Breaches Reported within Days of Each Other Involve Nearly 40,000 Unique Data Records

(BOSTON, Mass. – Feb. 13, 2009 – IDTheftSecurity.com) News this past week of data breaches at just two healthcare organizations apparently involved nearly 40,000 unique data records. One was the theft of a laptop computer from a hospital near Dallas, Texas. Widely televised and quoted personal security and identity theft expert Robert Siciliano advised healthcare organizations to avoid such incidents by investing in laptop tracking and data retrieval technology from MyLaptopGPS.

"Depending on the data stored on it, a laptop computer is worth much more than what the machine costs to purchase," said Siciliano. "When a laptop is stolen, the idea that it is in fact worth the cost of the data on it becomes painfully clear. On average, that cost is nearly $170,000. But laptop tracking security can cost as little as a miniscule fraction of this. Smart organizations opt for the latter."

CEO of IDTheftSecurity.com and a member of the Bank Fraud & IT Security Report’s editorial board, Siciliano leads Fortune 500 companies and their clients through presentations that explore security solutions for businesses and individuals. Author of "The Safety Minute: 01" and a longtime identity theft speaker, he has discussed data security and consumer protection on CNBC, NBC’s "Today Show," FOX News Network, and elsewhere.

Healthcare organizations suffered security breaches this past week that possibly exposed thousands of employees’ unique data records to thieves.

  • San Ramon, Calif. police uncovered a computer file containing sensitive, identifying data on nearly 30,000 employees of the Oakland, Calif.–based HMO Kaiser Permanente.
  • A laptop computer stolen from Parkland Memorial Hospital, near Dallas, Texas, contained names, birthdates and Social Security numbers on 9,300 employees, according to a Feb. 9th report in The Dallas Morning News, which went on to note that the mobile computing device was valued at $1,862.

"A laptop computer’s worth is much more than the cost of its hardware and software," said MyLaptopGPS’ chief technology officer, Dan Yost, who invited readers to visit the MyLaptopGPS blog. "Each unique data record is worth to the person it identifies much more, and when thousands upon thousands of such records reside on one mobile computing device’s hard drive, that cost rises ever upward. The smart thing to do is to make sure the machine is never lost."

The theft rate for laptop computers equipped with MyLaptopGPS is just 0.4 percent, or 32 times lower than the average. Additionally, Yost pointed to SafeRegistry™, a comprehensive system from MyLaptopGPS for inventorying entire fleets of mobile computers, as well as a full line of highly renowned SafeTags™, which are police-traceable property tags designed to secure iPods™, cell phones, BlackBerry™ devices and other mobile property.

Yost’s expertise has been featured twice in CXO Europe. Furthermore, in December of 2008, he and Siciliano co-delivered a presentation titled "Information in the Modern Age: Maintaining Privacy in an Era of Medical Record Identity Theft" at the 4th Annual World Healthcare Innovation & Technology Congress in Washington, D.C., where Former U.S. Congressman Newt Gingrich delivered the keynote address.

Readers who belong to LinkedIn® are encouraged to join the MyLaptopGPS group there. Featured in Inc. Magazine and TechRepublic, MyLaptopGPS maintains the Realtime Estimated Damage Index (REDI™), a running tally of highly publicized laptop and desktop computer thefts and losses and these losses’ associated costs. A log of these high-profile laptop thefts is available at MyLaptopGPS’ website.

Readers may download a demo of MyLaptopGPS. They also have the opportunity to read one of two reports tailored to the type of organization they run.

MyLaptopGPS combines Internet-based GPS tracking with other functionalities to secure mobile computing devices. A user launches MyLaptopGPS’ features remotely, protecting data even while the machine is in a criminal’s hands. Once connected to the Internet, the software silently retrieves and then deletes files from machines as it tracks the stolen or missing hardware — at once returning the data to its rightful owner and removing it from the lost mobile computing device.

The YouTube video below shows Siciliano on a local FOX News affiliate discussing the importance of securing mobile computing devices on college campuses, where laptop theft can run rampant. To learn more about identity theft, a major concern for anyone who’s lost a laptop computer or other mobile computing device to thieves, readers may go to video of Siciliano at VideoJug.

###

About MyLaptopGPS

Celebrating 25 years in business, Tri-8, Inc. (DBA MyLaptopGPS.com) has specialized in complete system integration since its founding in 1984. From real-time electronic payment processing software to renowned mid-market ERP implementations, the executive team at MyLaptopGPS has been serving leading enterprises and implementing world-class data systems that simply work. With MyLaptopGPS™, Tri-8, Inc. brings a level of expertise, dedication, knowledge and service that is unmatched. MyLaptopGPS™’s rock-solid performance, security, and reliability flow directly from the company’s commitment to top-notch software products and services.

About IDTheftSecurity.com

Identity theft affects us all, and Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report’s editorial board, makes it his mission to educate Fortune 500 companies and their clients. A leader of personal safety and security seminars nationwide, Siciliano has been featured on "The Today Show," CNN, MSNBC, CNBC, "FOX News," "The Suze Orman Show," "The Montel Williams Show," "Maury Povich," "Sally Jesse Raphael," "The Howard Stern Show," and "Inside Edition." Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Forbes, USA Today, Entrepreneur, Woman’s Day, Mademoiselle, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others. For more information, visit Siciliano’s Web site, blog, and YouTube page.

The media are encouraged to get in touch with any of the following individuals:

John Dunivan
MyLaptopGPS Media Relations
PHONE: (405) 747-6654 (direct line)
jd@MyLaptopGPS.com
www.MyLaptopGPS.com

Robert Siciliano, Personal Security Expert
CEO of IDTheftSecurity.com
PHONE: 888-SICILIANO (742-4542)
FAX: 877-2-FAX-NOW (232-9669)
Robert@IDTheftSecurity.com
www.idtheftsecurity.com

Brent Skinner
President & CEO of STETrevisions
PHONE: 617-875-4859
FAX: 866-663-6557
BrentSkinner@STETrevisions.com
http://www.STETrevisions.com
http://www.brentskinner.blogspot.com

The Five Biggest Security Threats Facing Businesses Today

Robert Siciliano 2/12/2

Millennials, the next generation of technology-savvy workers, are coming to a cubicle near you. They are a generation of technogeeks that don’t know they are techno or geeks. I had a rattle. They had a PS2.

This generation knows enough to fix it and enough to break it. They are the best thing and the worst thing to happen to IT administrators. They are armed with netbooks, iPhones and their own routers they plug into your network. They access Facebook, MySpace, Bebo and countless other sites that should not be accessible from a corporate network.

Yes, you can control what they do on-site. But it gets more complicated when they are commuting virtually. Using their PCs to log into your network becomes a battle of the techies (your IT guy vs them) to see who wins. They don’t want restrictions, they want speed, and they will do their best to defeat whatever technology IT has in place.

Poison Pharms; the redirect of your company’s website domain. It’s the equivalent of someone rerouting your phone lines to a boiler room operation across the street and posing as your business.

Storm Clouds; as many forgo software and adopt software as a service, the potential for data to be lost or stolen in the cloud rises. The information is virtual, it’s overseas, it goes through another router you don’t control.

Credit Crunch; recent studies show on average companies will allocate ONE more full percentage point of their annual budget into IT security. ONE! Criminals are spending lots more and they are investing whatever they need to get into your networks and they are using your data and turning it into money to do it.

Offshoring; countries in the game only a short time have exploded with growth in their IT sectors. While most have invested heavily in their infrastructures and in security, the pace of growth for some has outpaced security.

Brilliant article by Nick Heath Here

Video of hackers caught Here

Robert Siciliano Identity Theft Expert and Speaker

Malicious insider attacks to rise. McAfee has a warning

Robert Siciliano Identity Theft Expert www.IDTheftSecurity.com

The world’s biggest software maker has warned companies to expect an increase in “insider” security attacks by disgruntled, laid-off workers.

With millions losing their jobs, there are a plethora of opportunities for insiders to plug in an iPod, thumb drive or other external source and steal client data or other proprietary information.
It’s been said before: company networks are like candy bars, hard on the outside and soft and chewy on the inside. Insiders fearing the inevitable layoff begin to look for ways to profit from what is immediately within their grasp.

Stealing office supplies only takes them so far. But hundreds, even millions, of records or company secrets are worth something to someone. Those on the inside usually know what it’s worth and to whom.

Verizon determined insider attacks equate to up to 18% of all breaches. McAfee further disclosed fraud equates to a trillion dollar price tag.

Maggie Shiels Technology reporter, BBC News does a great job Here

Robert Siciliano is an Identity Theft Expert and CEO of IDTheftSecurity.com. He is a business builder, strategic marketer, security analyst, published author and television news correspondent. He delivers presentations on identity theft protection and personal security and works with Fortune 1000, IT and startups: launching, branding, messaging, representation, M&A facilitator, SEO and media. Current private equity projects include dynamic biometrics, credit card platform multi-factor authentication, security investigations and telemarketing fraud mitigation. Connect with him on LinkedIn

Robert on Fox discussing ID Theft

Data scams have kicked into high gear, Mr. Ming Yang Has 31,000 Viruses

Robert Siciliano Identity Theft Speaker 2/11/09

“I am Mr. Ming Yang, I have an obscured business suggestion for you. Your services will be paid for. Contact mr_mingyang_desk45@hotmail.com”

Mr Yang sent me an email just now. He wants…my services…? Or something. He’s not my type. My type doesn’t have a filthy virus. Plus he is a dude.

Care for a dalliance? He’s all yours.

Great article here: Data scams have kicked into high gear as markets tumble

As the markets tank, criminals are releasing a barrage of scams: email scams of every kind, infecting peripherals, drive-by viruses and more. In September 2009 there were a record 31,000 viruses released daily. That’s EVERY DAY! Criminal hackers are taking full advantage of the down economy and the overall panic and confusion of the millions of people whose lifetime investments are tanking and others who’ve lost their jobs.

Organized criminals in the form of webmobs are well funded and out for blood. They are breaching your home PC when your kid installs a malicious program to play a game, they are going after mom and pop small businesses all the way up to major enterprise networks.

5 years ago criminal hackers would compromise your machine and wreak havoc. They’d delete your files or crash your machine. Not any more. They want your machine running smooth and efficient.

Your computer network is an asset to organized criminals. They utilize your computing power as a “botnet”, which is a robot network of computers connected to the internet sitting in your home or office. All computers connected to a botnet share something in common, usually a virus that allows for a remote control component and someone or a group of crackers controlling it. They use your PC to do the dirty work sending out more spam, offers and phish emails.

Often your PC would be used as a server to host spoofed websites designed to extract data from the not so savvy who become victimized.

Many of today’s problems stem from applications we use every day that are vulnerable to attack. In criminal hacker forums, viruses are bought and sold that will infect a web-based banner advertisement that may incorporate Adobe Flash player. Once the ad is clicked (or not; in some cases all you have to do is launch the page), a piece of code, or malware, infects your PC and you become a zombie PC.

Running anti-virus, keeping your operating system’s critical security patches updated, firewalls, updating your applications and not being stupid can prevent most attacks.

Here is an appearance discussing an attack on peripherals on Fox News

Identity Theft Rising; Hits Record 10M Americans in 2008

Robert Siciliano Identity Theft Speaker 2/9/09

Number of fraud victims rises in 2008, but average loss per theft falls, according to a recent study. Article Here.

It should come as no surprise that identity theft incidents are climbing. Over the past year we have seen hundreds of data breaches resulting in millions and millions of records ripped out of networks ranging from small businesses to large enterprises. Many companies breached were simply irresponsible with the information they were entrusted with. Others were found to be compliant under various standards.

Still, the bleeding continues and, as I have said numerous times, it will continue to get worse, it won’t get better and change won’t take place until consumer credit is frozen across the board and citizens are properly identified.

A “fulz” is a term used in the underground, defined as an asset of information obtained by a “carder” or criminal hacker, which includes name, address, social security number (US primary identifier), and in some cases account and credit card numbers. A fulz is usually traded online in internet relay chatrooms by criminal hackers who become information brokers. They used to sell a fulz for a few hundred dollars per record, now they are as low as 20 dollars. Why? Supply. There are millions of records for sale. It would take identity thieves multiple lifetimes to get through all the information and turn it into cash.

In 2008 the number of victims rose 22% to a record 9.9 million from 8.1 million a year earlier, with about one in 23 U.S. adults becoming victims. Contributing to the problem is the global economy. Desperate people are resorting to desperate acts. Familiar identity theft is when family, friends or coworkers steal IDs from those closest to them. A father and son who share the same name are perfect examples. A son could easily adopt his father’s social security number and open various accounts under his dad’s name. What makes this so easy is the son already has IDs with dad’s name, which he shares.

The study further shows that losses to the victims have dropped. Don’t get too excited, it’s not what I would consider significant. It’s enough to acknowledge that consumers are recognizing more quickly that their identity has been compromised. Which means a bit of due diligence for the consumer. Good for them. However, most are still ripe for the picking due to the fact they don’t take many active steps to lock down their information. That’s where tools such as a fraud alert come in: it is free, but you have to renew it every 90 days, or you can pay a company to do it for you, and then it’s ongoing and hands-off. Another option is a credit freeze, which locks down your credit, preventing even you from getting new credit until it’s thawed or unlocked.

The study further shows people who made more than $75,000 were more likely to be fraud victims. And the fraud rate was highest among people 35 to 44 years old, which makes sense. For most people, these are prime earning years.

It is important to point out the study was commissioned by 2 companies that benefit from the results. That said, I still believe in the results. I say this because I’m in the same space, and I receive calls and emails daily from victims. These are people that have been caned and waterboarded by identity thieves. Their lives have been abruptly invaded and they have an ongoing barrage of bill collectors and even law enforcement pursuing them because of the crimes of an impostor.

Here is an appearance discussing the same on Fox News

Robert Siciliano is CEO of IDTheftSecurity.com. He is a business builder, strategic marketer, security analyst, published author and television news correspondent. He delivers presentations on identity theft protection and personal security and works with Fortune 1000, IT and startups: launching, branding, messaging, representation, M&A facilitator, SEO and media. Current private equity projects include dynamic biometrics, credit card platform multi-factor authentication, identity theft security AAS, laptop tracking, security investigations and telemarketing fraud mitigation. Connect with him on LinkedIn

Identity Theft Expert; “Robby, Do I have a Paypal Account?” Back to Basics

Identity Theft Speaker Robert Siciliano www.IDTheftSecurity.com

Me Mum calls me last night. She asks, “Robby, Do I have a Paypal Account?” (Yes, my mom calls me Robby.) I say, “Why do you ask?” She says, “Paypal sent me an email and I need to update my account.”

She’s 60. Been online for 5 years. Knows about as much as most “baby boomers” know about the Internet. And she’s the mom of a dude that’s been on CNN, MSNBC, FOX News and a bazillion publications on information security and identity theft prevention.

She does not have stupid written on her forehead. She’s just as naive, kind and cordial as most of her peers. She reached out to me because a piece of my advice to millions of others rubbed off on her.

I’m telling you, call your mother right now and tell her not to respond to any emails or phone calls or snailmail that are from anyone but her closest friends. I’m receiving more emails from victims and seeing more news now of people getting scammed than at any time in my adult life. It will get worse, it won’t get better, and somebody you love will get scammed if you don’t inform them of what’s up.

Many agree. Another blogger added a very pertinent comment to a recent post:
“With the Russian economy evaporating we can only expect a resurgence in scams coming from there, and in fact everywhere. With the public image of banks never worse and religious leaders announcing fatwas encouraging the cyber-attack of western commerce, I expect 2009 will see new records for fraud exploits. Perhaps not in value, because of diminished wealth of the victims, but certainly in the number of attacks.”

Yup. Cold War 2.0

It’s Tax Time for Scammers in the USA. And I’m getting a flood of emails from scammers posing as the IRS. They are taking a low tech tack. They are including Word Docs that the victim fills out and faxes back. I sacrificed my security and went against my own rule and opened the attachments in the last one. I scanned them first and so far I think I’m good. And please don’t send me comments telling me I have stupid written….

The attachments and note came equipped with a real fax number with an area code from the Bronx, New York USA. Can’t blame the Nigerians or Russians for this one. Unless of course they live in NY ;)~

Make sure Mum has McAfee or another no brainer anti-virus provider on her PC automatically updating with every phish filter running.

See below.

DOC 1

Sir/Madam,

Our records indicate that you are a non-resident alien. As a result, you are exempted from United States of America Tax reporting and withholdings, on interest paid you on your account and other financial dealing to protect your exemption from tax on your account and other financial benefit in rectifying your exemption status.

Therefore, you are to authenticate the following by completing form W-4100B2, and return to us as soon as possible through the fax number: +1-646- 519-7245.

If you are a USA Citizen and resident, please complete form W-4100B2 and fax it to us, please indicate “USA Citizen/Resident” on the form and return it to us.

When completing form W-4100B2, please follow the steps below

1. We need you to provide your permanent address if different from the current mailing address on your Form W-4100B2 , you must indicate if a non-USA resident, your country of origin to support your non-resident status (if your bank account or other financial dealing has a USA address for mailing purpose).

2. If any joint account holder are now USA residents or Citizen, or in any way subject to USA tax reporting laws, Please check the box in this section.

3. Please complete 1 through 19 and have all account holders, sign and date the form separately and fax it to the above-mentioned number.

Please, complete Form W-4100B2 ‘attached” and return to us within 1 (one) week from the receipt of this letter by faxing it, to enable us update your records immediately if your account or any other financial benefits are not rectified in a timely manner, it will be subject to USA tax reporting and back up withholding (if back up withholding applies, we are required to withhold 30% of the interest paid to you).

We appreciate your cooperation in helping us protect your exempt status and also update our records.

Sincerely,

Laura Stevens
IRS .Public Relations.

_____________________________________________________________________
DOC2

FORM W-4100B2 (US Tax Recertification)
Request for Recertification of Foreign Status
W-4100B2 Certificate of Foreign Status of Beneficial Owner
(Substitute form) For United States Tax Withholding
Part I Identification of Beneficial Owner
(JAN-APRIL. 2009)
1. Name of individual or organization that is the beneficial owner
2. Sex: □ male □ female
3. Type of beneficial owner □ Individual □ Corporation □ Complex Trust
□ Simple Trust □ Grantor Trust □ Central Bank of issue
□ Government □ International organization
□ Tax-exempt organization □ Private foundation
4. Date of Birth
5(a). Nationality: 5(b). Place of Birth:
6(a). Country of permanent Residence 6(b). Passport No.
7. Mother’s Maiden Name:
8(a). Spouse Name: 8(b). Spouse date of Birth:
9.Permanent resident address (street, apt, or suite no, or rural route).
Do not use a P.O.box or In-care of address
City or town, state or province, include postal code where appropriate
10. Mailing address (if different from above)
City or town, state or province, include postal code where appropriate
11. Social Security Number □SSN or ITIN □EIN
12. Profession: 13.Day time phone/ fax Number
14.(a) Bank Name(s):
15. Account number(s):
16. Branch Address:
17. Date Account(s) was opened:
18. How often do you come to USA and when did you arrive last?
19. ATTACH PHOTOCOPY OF PASSPORT OR US DRIVERS LICENCE FOR PROPER IDENTIFICATION
Part II Certification of Beneficiary Owner
Under penalties of perjury, I decided that I have examined the information on this form to the best of my knowledge and believe it is true, correct and complete.
I furthermore certify under penalties of perjury that:
. I am the beneficial owner (or am authorized to sign for the beneficial owner) of all the income to which this form relate.
. The beneficial owner is not a U.S person.
. The income to which this form relates is not effectively connected with the conduct of a trade or business in the United States or is effectively connected but
subject to tax under an income tax treaty, and
. For broker transaction or barter exchanges, the beneficial owner is an exempt foreign person as defined in the instructions.
Furthermore, I authorized this form to be provided to any withholding agent that has control, receipt or custody of the income of which I am the beneficial owner or withholding agent that can disburse or make payments of the income of which I am the beneficial owner.
The Internal Revenue Service does not require your consent to any provisions of this document other than the Certifications required to establishing your status as a non-U.S person and, if applicable, obtain a reduced rate of withholding.

Sign Here ____________________________________________________________
(Signer #1) signature of beneficial owner or individual authorized to sign for beneficial owner Date

Sign Here ____________________________________________________________
(Signer #2) signature of beneficial owner or individual authorized to sign for beneficial owner Date SEND FAX TO: +1-646- 519-7245

Here’s a video of fraud around Tax Day:
http://www.youtube.com/watch?v=wSyPQnXNido

Identity Theft Expert; “Phexting” is the new phish “I ain’t got stupid written on my forehead”

Identity Theft Speaker Robert Siciliano www.IDTheftSecurity.com Article here; Text Message Scam

Interviewed for this article, the victim states, “I ain’t got stupid written on my forehead.” I’m sure she is a lovely woman who must be smarter than her quote. She received a scam text and didn’t get taken.

Most of us are somewhat aware of text messaging scams. I’ve never received one. But I’m seeing a flood of local news reports on the issue. I’ve yet to see a national story on what I predict will become as bad as phishing in emails.

The problem stems from criminal hackers who are using technology to generate cell phone numbers based on area code first, plugging in the cell carrier’s given extension, then generating the last 4 numbers.

Do a search on mass SMS software and you will find lots and lots of vendors providing free and small-fee programs to send mass texts.

Sexting is when teens send sex pics to one another. Robert Siciliano (me) says “Phexting” is the new phish.

What’s happening is that browsers and email clients are doing a better job of protecting the naive. Phexting is the path of least resistance to get to the victim.

Most web-based email providers do a pretty good job of recognizing that an email is a phish. First they send it right to spam, or they might display a red banner along the top of the email in the preview pane.

Up-to-date browsers have phish filters that recognize a spoofed website. This feature works if you don’t turn it off.

While all these tools are helpful, nothing will fix the problem better than simple common sense. I ain’t got stupid written on my forehead either. But too many people do. And snake oil salesmen can smell them from 10,000 miles away.

Here’s a video on Phishing: