The New Year is barely a couple of weeks old and already we’re seeing some brazen and possibly huge data breaches. Fans of the Huffington Post were greeted a couple of days ago with a Twitter message from the Post that said simply “Sorry about that, Twitterverse! We know we’ve been hacked and are working to resolve the issue as quickly as possible.” Seems like someone managed to hack into their Twitter account and post a bunch of offensive messages.
And while that probably wouldn’t make the list of the Top Hacks Ever, the recent Zappos hack just might. Zappos is the online shoe and clothing store now owned by Amazon.com. The firm recently confirmed that hackers may have gained access to the accounts of more than 24 million of its customers. The company does point out that credit or debit cards were not exposed, but the hackers were able to steal Zappos’ customer names, e-mail addresses, addresses, phone numbers, and the last four digits of credit card numbers. Continue reading this post »
In case you didn’t know, January 28th is Data Privacy Day and an opportunity for consumers and businesses around the world to think more about the issues of privacy and the protection of data.
The event has been running for a couple of years now, under the stewardship of the National Cyber Security Alliance (NCSA).
According to the NCSA, ” In this networked world, in which we are thoroughly digitized, with our identities, locations, actions, purchases, associations, movements, and histories stored as so many bits and bytes, we have to ask – who is collecting all of this data – what are they doing with it – with whom are they sharing it? Most of all, individuals are asking ‘How can I protect my information from being misused?’ These are reasonable questions to ask – we should all want to know the answers.”
It continues, “Data Privacy Day promotes awareness about the many ways personal information is collected, stored, used, and shared, and education about privacy practices that will enable individuals to protect their personal information. “
The initiative has a number of goals, but places most of its focus on two important issues:
- Encouraging businesses to be more respectful of consumer privacy, more honest and open about their data collection and privacy practices, and providing better protection for personal information.
- Encouraging consumers to play their part, think twice about sharing their personal information, and limiting the amount of personal information they allow to leak out.
The NCSA will be holding a series of local and online events and town halls. The initiative is sponsored by eBay and Intel and supported by industry giants like MasterCard, Intuit, and Facebook. And while it might come as a surprise that such a repeat privacy offender as Facebook would be invited to support such an important initiative, at least it’s a good way to shine a spotlight on what many consider to be at the heart of the cyber security epidemic – a lack of respect for consumer privacy.
You can learn more about Data Privacy Day at this link, where you can also get some great advice and download logos, posters, and tip sheets.
In what’s being widely seen as a very troubling pattern, law enforcement across the country are reporting that street gangs are making a notable shift off the street and into something even more shifty – identity theft.
Police in Florida recently raised the alarm about a move by local gang members from traditional gang activities, like drug dealing, into more sophisticated and lucrative crimes like identity theft. In Lee County, Florida – which in total has a smaller population than a mid-sized city – law enforcement has identified at least 1,300 gang members. Continue reading this post »
IN THE HEADLINES: Fake Landlords Can Lead to Fraud and Identity Theft
Posted by: Neal OFarrell on January 25, 2012
Consumers across the country are reporting a growing number of scams that trick renters into paying upfront fees for apartments that don’t exist or the advertiser of the apartment doesn’t have the right to rent it.
Here’s how the scam works. The scammer will copy an ad for an apartment rental from a public site like Craigslist and create their own identical ad, complete with photos, but with different contact information. And of course a price that’s low enough to be attractive but not too low that it would set off alarm bells. Continue reading this post »
IN THE HEADLINES: 10 Security Threats You Might Not Know About
Posted by: Neal OFarrell on January 24, 2012
If you’re a regular reader of this blog then you’ll probably be familiar with some of the more common security threats, like phishing emails, banking Trojans, and drive-by downloads. But in an effort to educate consumers about some serious risks they might not know about, a web site called Security News Daily has compiled a list of what it calls the “10 Computer Threats You Didn’t Know About.” Continue reading this post »
As facts become clearer about the recent massive hacking attack on online retailer Zappos, experts are speculating on exactly what the hackers will do with that mountain of data. The attack happened about a week ago and the company admitted that hackers had managed to steal the personal information of as many as 24 million customers.
The information included names, home addresses, email addresses, phone numbers, and the last four digits of credit cards used by customers. And while it’s easy for customers to change or cancel their credit cards, it’s not so easy to change their names and addresses. Continue reading this post »
It’s been a couple of years since I first started writing about Zeus, a very dangerous new type of banking Trojan that was blamed for stealing hundreds of millions of dollars from bank accounts across the country. And only last week I wrote about Zeus again, and how a dangerous new variant added a whole new level of threat to banks and their customers – by manipulating the victim’s browser so that when they checked on their bank balance everything looked normal – in spite of the fact that Zeus might have just emptied their accounts.
The ink hardly had time to dry on that blog before the FBI announced the discovery of yet another variation of the Zeus Trojan that demonstrated just how clever and dangerous a piece of malware it has become. In the latest attacks, consumers are sent official-looking emails claiming to be from the National Automated Clearing House Association (NACHA), the Federal Reserve Bank, or the Federal Deposit Insurance Corporation (FDIC). Continue reading this post »
Just as a new variety of the Zeus banking Trojan emerged to threaten bank accounts in a creative new way, researchers in Israel report the growth of a close cousin, a computer worm, which may be targeting Facebook accounts as a way to also break into bank accounts.
The worm is called Ramnit and was discovered last year in Europe, mainly targeting Facebook users in the UK and France. Any time the worm infected a Facebook user’s account, it then used that account to spread to the user’s friends, thus spreading the worm quickly. So quickly in fact, that it was able to compromise an estimated 45,000 Facebook user accounts before it was shut down. Continue reading this post »
IN THE HEADLINES: Top Android Trojans You Should Try to Avoid
Posted by: Neal OFarrell on January 18, 2012
If you use an Android-powered smartphone or tablet, you’re not alone. I use them, too. And so do millions of others. In fact, Android is now so popular as a platform for phones, tablets, and other devices Google recently claimed that around 700,000 new Android devices are being activated every day. Adding to the more than 200 million Android devices already on the market and more than 95% of these are smartphones.
So what does that mean for you and your security? Call it the Facebook effect. Hackers and scammers have been heavily targeting Facebook because Facebook itself is attracting consumers and businesses by the droves – more than 800 million in fact. Continue reading this post »
If you haven’t already heard of something called a Premium SMS Trojan, consider yourself warned. As Trojan attacks on Android smartphones and tablets soar, not all the attacks are what you would traditionally expect from a Trojan – like stealing your personal information or passwords.
A growing number of these Trojans instead use your phone to make money, by tricking the phone into either sending text messages or making hidden phone calls to premium phone services. These services can cost more than $6 per minute and the crooks make money by earning a share of this call revenue.
Often the first time the victim finds out about the attack is when they get their monthly phone bill, and then they have to try to explain to their carrier why the calls or messages are not theirs. Hard to do when the victims have no idea that a Trojan hiding on their phone is responsible. Continue reading this post »
Follow us on Twitter
Join us on Facebook