Posts

Business Identity Theft; Big Brands, Big Problems

Cyber criminals go after brand names like vultures, infiltrating company websites, hijacking mobile applications and tainting online ads, among other tricks.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813Some corporate websites aren’t as secure as business leaders think they are—and cyber thieves know this. They use the “watering hole” technique to infiltrate the system. Ever see an animal TV show in which the lions wait in the brush, camouflaged, for their unsuspecting prey to approach the lone body of water? You know the rest.

Think of the company’s website as the watering hole. The company typically uses “landing pages” to entice people to their main site, but leave the landing pages up after they’ve served their purpose. Here’s where trouble starts, fewer resources are devoted to monitoring or updating these pages, allowing hackers to pounce on the vulnerabilities and insert malicious code, luring visitors to malicious sites using the trusted reputation of the brand..

Ultimately, the brand name becomes associated with this. Some examples as reported by Forbes.com:

  • The nbc.com home page was infected with the Citadel/Zeus installation malware.
  • The U.S. Veterans of Foreign Wars’ website was infected with malware.
  • Third-party app stores are a source of downloaded malware, since these are usually un-policed. Apps can be repackaged with mal-code, creating an association of bad with the brand name of that app. The mal-code could gather personal data on the purchaser, which is then sold to data brokers, violating user privacy, making the user think pretty negatively about the brand name.
  • Malvertisements are malicious ads that crooks place on legit websites. These normal-appearing ads spread bad things around, and do NOT have to be clicked to trigger a viral attack.
  • Banner ads can also be the target of injected mal-code.
  • These clever crooks will even pose as an actual name-brand company and put up legitimate ads on a website, but then replace those with mal-ads over the weekend—which go undetected because IT departments are lax on the weekends. After oh, say, a few million computers and mobiles are infected, the thieves stick the original, legit ad back in, which makes their crime difficult to track.

Third-party networks place a lot of ads, making it very hard to hunt down malvertising fraud. This complexity can make it virtually impossible for companies to protect themselves against 100% of malicious attacks.

Robert Siciliano is an Identity Theft Expert to AllClear ID. He is the author of99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Graduates beware of Identity Theft

Worried about finding a job after you graduate from college? Worried about paying off your debts? It gets uglier: New college grads need to think about their identities being stolen. One-third of identity theft complaints come from young adults.

http://www.dreamstime.com/stock-photos-identity-theft-red-words-binary-code-computer-monitor-image39907813A new college graduate will often have a clean credit history. If the new college graduate discovers, however, that their credit score is inexplicably low, it’s probably because their identity has been stolen. This can be a nightmare.

Compounding the issue is that some businesses will check the job applicant’s credit report and use this information against them by not hiring.

Prior to graduation, the college student should do a credit check; it can be done annually online free of charge. Young adults should never have an “It can’t happen to ME” approach to one of life’s raw realities: the proliferation of identity theft.

College students should always shred all of their bank related statements, credit card statements and all other documents that contain very personal information.

College students should avoid posting their birthdates, phone numbers and addresses on social media.

Additional Tips

  • Ask your parents to explain whatever they know to you about online scams like malicious e-mails (phishing), suspicious pop-up ads, buying apps from third party sellers, etc.
  • Avoid debit cards; use only a credit card because thieves prefer to steal identities through debit cards.
  • Memorize your SSN so you can keep your SSN card in a safe place at all times.
  • Check your credit card statements every month for suspicious charges.
  • Never give out your SSN, even if the clerk at the retail store insists they need it so that they can give you an intro 15 percent off with the store’s credit card.
  • Go to www.annualcreditreport.com to check your credit report every year.
  • Get identity theft protection and a credit freeze.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

The Future of Identity Theft

Identity theft evolves as technology progresses. The Identity Theft Resource Center explains the future of this crime.

11DDefinition of Identity

The definition will swell up to include biometrics and behavior, not just driver’s license number and SSN. So your identity can be defined by how you move a mouse and your keystroke patterns.

Medical Identity

There’s no focal mechanism for the mitigation of medical identity theft, making it easy for thieves to keep getting medical treatment. Many people get their medical identity stolen without knowing it.

Statistics

Crime rate statistics are not telling the whole story. The illusion is that crime rates are on the decline; this is because statistics do not include all fraud activity. The primary indicator in crime statistics reports doesn’t even include identity theft.

Mobile wallets will not take over the world—at least not soon, anyways.

Though mobile wallets seem to be the next big wave in purchase technology, it’s not going to be easy convincing the masses to store every bit of their financial data in their smartphone. In fact, 64 percent of survey participants said they would not convert to a mobile wallet system (Consult Hyperion).

Affordability

All of these cool developments in the world of cyber communication will not necessarily apply to every single person; products cost money. So no matter how much it seems that times are changing or that people are “switching over” to some new technology, there will still be that demographic that’s seemingly left in the dust.

Finally…

It looks as though federal data breach notification laws will at last become a reality. Or so it seems.

Extra Layers

The dual and even multi-step authentication system will become more common, as more industries pick this up, to verify a user’s identity. And even consumers seem to be warming up to this.

Can’t have it both ways:

That is, security and convenience. With all the big data breaches lately, looks like privacy and security will win over convenience for the consumer.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Kim Kardashian’s Identity Theft Case cracked

Never underestimate the brains of a young guy who still lives with his mother—at least not the case of 19-year-old Luis Flores, Jr., who was smart enough to steal the identities of Kim Kardashian and even the head of the FBI, and assume their financial accounts.

11DOf course, he wasn’t smart enough not to get caught.

Flores’ weapon was a flash drive loaded with private data from celebrities and politicians; he got into their credit card accounts and transferred thousands of their dollars to his bank account. He got nabbed finally.

Red flags raised when American Express reported some suspicious activity on a number of accounts, causing the Secret Service to investigate Flores and his mother.

Someone had phoned American Express claiming to be Kim Kardashian, knew her private information, then changed the account’s SSN to that of Flores’. The snail mail address was changed to Flores’ apartment’s. The caller then requested replacement cards.

The Secret Service questioned Flores and Kyah Green, his mother, about the cards but they didn’t cooperate. The Secret Service also discovered that Flores had a history of fraudulent behavior. Additionally, Flores had wired money from Kris Jenner’s account into his own.

It gets better: Authorities linked Flores to fraudulent activity involving Ashton Kutcher, Paris Hilton, U.S. Marshals Service Director Stacia Hylton and former FBI director Robert Mueller.

The flash drive was discovered in Flores’ apartment by the Secret Service. In it was the bank and credit card accounts, credit reports and SSNs of all the victims named prior, but also those of Bill Gates, Michelle Obama, Joe Biden, Beyoncé Knowles, plus other politicians.

How could Flores’ have gotten this sensitive information? A web site that was launched last year by hackers. It is believed the hackers got the data from legitimate sources such as information brokers who didn’t realize their clients were criminals.

The search of Flores’ apartment by agents didn’t stop him; he contacted American Express in an attempt to access the accounts of Gates, Kutcher and Tom Cruise.

Flores and his mother were charged federally; both pleaded guilty. This is one more reason to invest in identity theft protection or get a credit freeze.

Robert Siciliano is an identity theft expert to BestIDTheftCompanys.com discussing  identity theft prevention. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247. Disclosures.

Consumers worried about Identity Theft over Privacy

A recent poll of 1,000 Internet users reveals that they’re very concerned about security threats to their personal and financial information. Users also believe that the feds should step up more to protect them.2P

  • 80% are concerned that hackers will get into information they share.
  • 16% are on edge that businesses will use data they share online to send out unsolicited ads to them.
  • 75% are nervous their personal data will be hocked by hackers.
  • 54% worry their browsing history will be monitored for targeted advertising.
  • 57% have signed up for a two-step sign-in process.
  • 83% have required a password to unlock their devices at some point.

This small survey is indicative of the awareness that users have over security and their belief that the federal government needs to take more action.

Nevertheless, the respondents showed a proactive approach to protection, e.g., 73% don’t allow services to retain their credit card information; 65% set their browsers to disable cookies; 68% adjust privacy settings for online accounts; and 76% use a different password for different services.

But consumers give up privacy for “free”.

“The poll also shows that respondents have a lower level of concern about targeted online advertising as evidence by the fact that most would rather have a free Internet with targeted advertising than a paid service but with no advertising.  Twice as many say they prefer free online services supported by targeted ads (61%) over online services that they pay for but come with no targeted ads (33%)”

This is good news for companies providing free identity theft protection to their customers. On one hand customers want security; on the other hand they want “free”. So when offering up free identity theft protection, a consumer is getting their cake and eating it too!

CCIA

The Computer & Communications Industry Association is nonprofit and represents a large cross section of communications, computer and Internet industry businesses. CCIA promotes innovation and the preservation of fair competition throughout industry. Over 600,000 people are employed by CCIA, and yearly revenue exceeds $200 billion.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Guarantee your Customers’ Identity Protection

The AllClear Guarantee is designed to protect a business owner’s customers from identity theft. Your customers are assured:
2C

  • Six months of automatic protection once they complete their transaction. Each new purchase means extended coverage with any merchant who displays the Guarantee.
  • Protection wherever customers go. Customers are protected by the Guarantee beyond your site, no matter where they go or how ID theft happens.
  • If a customer’s ID is stolen, AllClear will fix everything: restoration of credit report, recovery of financial losses, etc.
  • Zero cost to customers. Participating merchants pay for the Guarantee.

These points are extremely important to the merchant. After all, according to Forrester (2012), 66% of customers are most worried about getting their identities stolen while they’re online. But what’s their greatest online concern? Edelman (2012) says that 90 percent of customers name sharing financial information online as being their greatest concern—as in, for example, using a credit card to make an online payment to a retailer.

How does guaranteed protection benefit the business owner?

  • Increased revenue. Your customers will have more confidence when they complete transactions and will feel more secure about giving accurate information.
  • Customer retention. When consumers feel safe online, they’re more likely to return time and again. The Guarantee will provide this secure feeling.
  • Reduced risk. You’ll be able to respond faster to a data breach, thanks to the Guarantee.

With the AllClear Guarantee, you won’t hope your clients are safe online; you’ll know they are.

  • Consumers should seek out websites that show the AllClear Guarantee
  • Every purchase gets automatic identity protection.
  • The Guarantee is covered by participating merchants.

Robert Siciliano is an Identity Theft Expert to AllClearID. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him knock’em dead in this identity theft prevention video. Disclosures.

Identity Theft – Common Consumer Errors

The major problem that consumers face today is a fundamental lack of understanding of what identity theft actually is. Most people think of identity theft as when someone uses your credit card without your permission. Fraudulent credit card use is certainly a multibillion dollar problem, but it’s only one small part of the identity theft threat. A comprehensive understanding of what identity theft and what it is not empowers citizens to make informed decisions about how they should protect themselves.

People who have been victimized by identity theft often have a difficult time functioning as a result of their circumstance. Some deal with minor administrative annoyances whiles others suffer financial devastation and legal nightmares.

No one is immune to identity theft:

A woman contacted me who was previously a very successful real estate agent and the president of her local real estate group. She had climbed the ranks from sales to broker/owner and oversaw dozens of employees. A former boyfriend stole her Social Security number and his new girlfriend used it to assume her identity. Over the course of five years the ex-boyfriend and his new girlfriend traveled the world on stolen credit and destroyed the real estate agent’s ability to buy and sell property. Her real estate license was suspended and her life was turned upside down.

Awareness is key:

Do you carry your Social Security number or a Social Security card in your wallet? Do you provide this number to anyone who asks for it? The most commonly dispensed advice in response to these questions is: don’t carry the card and don’t give out the number. But in reality, there are many times when you have to use your Social Security number. Because this number is our primary identifier, we have to put it at risk constantly. Refusing to disclose your Social Security number under any circumstances is like refusing to eat because the food might be bad for you. There are always risks. The key is managing those risks and making smarter decisions.

Do you know what ATM skimming is? Have you seen a skimmer? Have you been phished? Would you know what a fraudulent auction looks like? Do you put your name on a “stop delivery list” when you travel? Do you know how to update the critical security patches in your computer’s operating system? Do you know if the doctor’s office your child just went to has done background checks on all the employees who handled your and your child’s Social Security number? Most people struggle to answer questions like these.

We live in a technologically dependant time and we rely on all these tools and modes of communication, and most people do not understand the risks. The good news is, I do. And McAfee does. And what we do is keep you informed of your options, so that you know how to protect yourself and your family.

The most important thing you can do right now is not worry about this stuff. But you do need to take some time to educate yourself.

Download McAfee’s eGuide,“What You Need to Know to Avoid Identity Theft.”

Take five minutes to assess your risk of identity theft. Fill out the Identity Theft Risk Assessment Tool to get your “risk profile.”