Santa Claus is coming to town—and so are online thieves. How might they nab you, and what can you do to prevent it?
1. Stick with familiar retailers. Unbelievably low prices are a red flag, since competitors are always checking each other’s prices.
2. Customer reviews aren’t necessarily the gospel. An unscrupulous seller may hire people to write favorable reviews. Though one clue is that the same reviewer has reviewed tons of products, other reviews are crafted more cleverly. Identical reviews on different sites are suspicious.
3. Phishing, anyone? The crook sends you the bait: an e-mail that looks like it’s from a reputable company, with a malicious link to a site that looks like the company’s, requesting you turn over your username, password or credit card number. Do this and the thieves will spend your money.
4. Carefully review credit card statements. Even if you never online shop, your purchases are processed online, where fraud can take place, resulting in unauthorized charges. Also, crooked employees can use your credit card number for purchases.
5. Sell with caution. You receive a check for that item you put on eBay, but the buyer “overpaid” and asks you to send the difference back via Western Union WU -1.44% or Moneygram. You do this—before you learn that their check is fake.
6. Meeting Craigslist sellers and buyers. Meet only in safe, public places. Inform the seller you’ll first meet without any cash, just to inspect the sale item. If you want to buy it, get your money from an ATM.
7. Don’t purchase stolen products. Request proof of ownership. Or, request the serial number and see if your state keeps a database of stolen items.
Retailers are also doing a lot behind the scenes to protect consumers, by layering fraud protection tools including address verification services, two-factor authentication, device reputation technology and behavioral analysis. As devices (such as computers and mobile devices) with fraudulent histories connect to the retailer’s website, the business is alerted in real time.
Up until now, identity thieves have been hunting elephants. But that may soon change.
According to this study, small to medium size businesses (SMB’s) are the criminal hackers next target. This should come as no surprise, as large enterprise networks have gradually become better at defending themselves.
Over the past few years, criminal hackers have acted like hornets, attacking and swarming unassuming enterprise networks. Big business has responded by allocated billions of dollars in funding for technology and talent to thwart their sting.
In 2009, enterprise defense is the best it has ever been. It’s still lax, but now the path of least resistance has become SMB’s. Your mom and pop shops simply don’t have the resources, including deep pockets, to keep up.
Studies by the International Council for Small Business show that one fifth of small businesses aren’t even equipped with basic defenses, such as McAfee security software. Furthermore, as many as 60% don’t even have wireless encryption activated. What is most disturbing, but not surprising to this security analyst, is two thirds don’t have any type of security plan in place.
According to poll responses, these same SMB’s overwhelmingly believe that they aren’t targets, that only big businesses need to worry. However, this same study shows that 85% of fraud related to criminal hacks occurs within this exact group.
The National Retail Federation stated that Level 3 businesses are only 60% compliant and Level 4’s are even less secure.
PCI Compliance, a Visa based organization that regulates merchants in order to prevent credit card fraud, recognizes retailers at different levels. Level 1 retailers process 6,000,000 Visa transactions per year, Level 2 retailers process 1,000,000 to 6,000,000, Level 3 retailers process 20,000 to 1,000,000, and Level 4 retailers process fewer than 20,000.
Many security issues stem from the SMB’s lack of resources, coupled with their shift to online transactions and the handling and storage of their own data.
Some say that the responsibility of handling these transactions should be shifted back to the banks.
One additional recommendation for these Level 3 and 4s is to adopt a strategy in which the merchant never handles the credit data at all. The merchant would have an online shopping cart, but the credit card transaction would be diverted to the bank server, without ever being touched by the merchant.
I’m one of those Level 4 merchants and this is the strategy that I use. All orders are taken online and nobody aside from the bank handles client credit card data. PCI compliance is a breeze – no hiccups.
While this is practical for some SMB’s, it doesn’t work for others, so those retailers need to get their act together immediately, because criminal hackers are watching.
See identity theft speaker Robert Siciliano discuss data breaches here.
I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2009-03-20 13:44:292009-03-20 13:44:29Credit Card Hackers Target Small Business
(BOSTON, Mass. – Aug. 7, 2007 – IDTheftSecurity.com) Last week researchers touted the characteristics of a hypothetical high-functioning “dream credit card” that would offer consumer tools to prevent and detect credit card fraud. Robert Siciliano, a widely televised and quoted personal security and identity theft expert, commended the idea of such a card, but said simpler solutions already exist through technology that relies on credit cards’ existing attributes and relieves the consumer of the need to implement his or her own security measures.
“It’s a commendable idea to suggest the development of a highly functional credit card that dissuades fraudulent activity,” said Siciliano. “At the same time, the market continues to ignore technology already available that, if implemented en masse, would drastically reduce the incidence of credit card fraud and, by corollary, identity theft.”
CEO of IDTheftSecurity.com and a member of the Bank Fraud & IT Security Report’s editorial board, Siciliano leads Fortune 500 companies and their clients in workshops that explore consumer education solutions for security issues. A longtime identity theft speaker and author of “The Safety Minute: 01,” he has discussed data security and consumer protection on CNBC, on NBC’s “Today Show,” FOX News, and elsewhere.
A press release from Javelin Strategy & Research, dated Aug. 1, detailed the security features of what the organization termed a dream credit card. Javelin researchers claimed that a hypothetical credit card with the functionality they announced not only held the promise of putting consumers in control of security measures against identity fraud, but also presented “a golden opportunity” for card issuers “to increase loyalty and retention, and strengthen relationships and their brand reputation,” according to Javelin President James Van Dyke, quoted in the release. The credit card proposed includes options for consumers to enhance their own cards’ security levels.
“The idea that security is a marketing tool is a solid one,” said Siciliano. “This is a concept that card issuers ought to embrace. But, too often, industry places too much hope in solutions touted as panaceas to the fundamental problem of securely authenticating the card user at the point of sale. And, with too many steps or choices, security of any type becomes too confusing for the typical consumer, who, prizing ease of use above all, isn’t sufficiently adept at setting options on limits, setting up instant messaging, or tooling around with security settings.”
Siciliano advised card issuers to consider simpler technologies that rely on existing credit card attributes—and very little on consumers’ attention to their credit cards’ security features beyond the proactive step of making the decision to get a card that’s more secure.
Every credit card, for instance, has a magnetic strip on the back, composed from the slurry that comprises billions of microscopic particles. Like DNA, no two credit cards’ magnetic strips are alike; each is unique. MagnePrint®, from the company of the same name, is a technology that assigns an identity to this uniqueness, a fingerprint unlike any other, at the credit card’s point of manufacture. As Siciliano mentioned in his article for the August 2007 edition of the Bank Fraud & IT Security Report, complementing hardware known as MagTek® works in concert with MagnePrint at the point of sale (POS) to protect transactions from fraud.
“Card issuers might market their cards’ security features with great success,” Siciliano concluded. “But a game-changing, new breed of secure credit card must seem, to the consumer, exactly like the previous breed in terms of how to use it.”
Readers may view CNBC footage on YouTube, below, that features Siciliano discussing debit card and credit card scams. Readers may learn how to protect themselves against identity theft, a major concern for anyone whose electronic communication devices have been hacked, by viewing video of Siciliano at VideoJug.
###
About IDTheftSecurity.com
Identity theft affects us all. Robert Siciliano, CEO of IDTheftSecurity.com and member of the Bank Fraud & IT Security Report’s editorial board, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients.
A leader of personal safety and security seminars nationwide, Siciliano has been featured on CNN, MSNBC, CNBC, “FOX News,” NBC’s “Today Show,” “The Suze Orman Show,” “The Montel Williams Show,” “Maury Povich,” “Sally Jesse Raphael,” “The Howard Stern Show,” and “Inside Edition.” The Privacy Learning Institute features him on its Website. Numerous magazines, print news outlets, and wire services have turned to him, as well, for expert commentary on personal security and identity theft. These include Entrepreneur, Woman’s Day, Mademoiselle, Good Housekeeping, The New York Times, Los Angeles Times, Washington Times, The Washington Post, Chicago Tribune, United Press International, Reuters, and others.
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2007-08-07 13:59:242007-08-07 13:59:24Identity Theft Expert and Speaker on Personal Security Says the Behavior and Attributes of Security-Enhanced Credit Cards Must Be Simple for Users
(BOSTON, Mass. – April 16, 2007 – IDTheftSecurity.com) Market analysts have predicted that the massive theft of customers’ financial data at TJX Cos. may cost billions. The data breach has claimed millions of victims, including Robert Siciliano, a widely televised and quoted personal security and identity theft expert. Promptly refuting related, fraudulent charges to his bank account and taking swift action to halt the criminals’ ability to use his credit cards, he urged all consumers who have shopped at the many affected stores to monitor their financial information closely.
“I am a victim of this data breach,” said Siciliano. “My credit card information was among the many records these thieves obtained. No single consumer can prevent credit card fraud. It’s impossible. But I’m fine with being a victim, and I caught the foul play by watching my account, just as I advise all my clients to do with theirs.”
CEO of IDTheftSecurity.com, Siciliano leads Fortune 500 companies and their clients in workshops that explore consumer education solutions for security issues. On its Web site, the Privacy Learning Institute has featured Siciliano, a longtime identity theft speaker. Author of “The Safety Minute: 01,” He has discussed identity theft and data security on CNBC, on NBC’s “Today Show,” FOX News, and elsewhere.
Upon receipt of his bank and credit card statements each month, Siciliano always scrutinizes every charge. In doing so with his latest statements, he immediately recognized unauthorized charges, telltale signs that fraudsters had gained access to his finances, and promptly refuted them.
“Shortly after I cancelled my card, I received a new one,” said Siciliano. “These are steps that many consumers, at their own peril, may not be taking.”
Recent news has suggested that consumers indeed are not taking advantage of tools that might protect their financial information. An article in Network World reported on April 10 that fewer than 10 percent of the approximately 163,000 consumers affected by the ChoicePoint data breach in 2005 used the free credit monitoring, credit reports, and identity-theft insurance the company offered.
Data breaches can be costly to a company that experiences them. Findings from Forrester Research reported in InformationWeek on April 11 have pegged the cost of an average data breach at anywhere from $90 to $305 for each compromised record. An article that ran in the Boston Globe on April 12 quoted technology analysts from Enterprise Strategy Group and elsewhere saying the TJX breach, which news reports have said exposed 45.7 million credit card numbers to potential fraud, could cost the retailer up to $1 billion.
“Data breaches are costly, plain and simple,” concluded Siciliano. “Whether the potential financial hit from a data breach seems manageable, the potential loss of customer loyalty is never worth the gamble. Companies and consumers are actors in a symbiotic relationship, after all; they depend on one another. But companies depend on consumers more than the other way around. ” See recent CNBC appearance;
###
About IDTheftSecurity.com
Identity theft affects us all, which is why Robert Siciliano, CEO of IDTheftSecurity.com, makes it his mission to provide consumer education solutions on identity theft to Fortune 500 companies and their clients. A leader of personal safety and security seminars nationwide, Siciliano has been featured on CNN, MSNBC, Fox News, “The Suze Orman Show,” “ABC News with Sam Donaldson,” “The Montel Williams Show,” “Maury Povich,” “Sally Jesse Raphael,” and “The Howard Stern Show.”
https://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.png00Robert Sicilianohttps://safr.me/wp-content/uploads/2023/03/small-logo-safr-me-300x98.pngRobert Siciliano2007-04-16 15:12:022007-04-16 15:12:02Identity Theft: Retail Store Data Breach Affects Millions of Consumers, Including a Widely Quoted Identity Theft Expert and Speaker on Personal Security
1. Stick with familiar retailers. Unbelievably low prices are a red flag, since competitors are always checking each other’s prices.
