by Adam Levin
Last week, the President and Commander in Chief announced something many Americans had been anticipating (though less and less, as time passed) for nearly a decade. Osama bin Laden, the person responsible for the single largest murder of Americans in history had been found and summarily executed in a stunningly efficient covert operation carried out by the Navy Seals.
Not everyone reacted with the same celebratory response seen outside the White House and at Ground Zero. Bin Laden’s acolytes immediately threatened revenge, and some Pakistanis wondered just how a James Bond-like attack could have been carried out on their soil without their knowledge. (Perhaps they should be wondering how the most wanted man in the world could have been living the high life in their midst for almost five years.) For others, the news created an opportunity.
Within 24 hours of the President’s newscast announcing bin Laden’s death, email inboxes started receiving predictable bin Laden-related spam. The two most common subject lines I’ve seen are “Osama bin Laden captured!” and “Osama hanged!” Each purports to contain a photo attachment of the killing. These are intriguing offers, considering the U.S. government has yet to release a photo of the late bin Laden (and that he died by gunshot, not by noose).
(more…)
You should always:
File a Local Police Report
Include a list of everything that was in your wallet, and make sure you get a copy of the report. This will be useful in resolving any related fraud.
Place a Fraud Alert with Credit Bureaus
Experian, Equifax and TransUnion offer consumers the opportunity to place 90-day fraud alerts on their credit files. These signal creditors to verify a person’s identity before authorizing a new credit account in his or her name. If you place a fraud alert with one credit bureau, it will automatically be shared with the other two.
Contact numbers
Equifax (800) 525-6285 | Experian (888) 397-3742 | Trans Union: (800) 680-7289
Get your free Credit Report
If you’re not doing so already, get a free credit report every four months from one of the three credit bureaus. To obtain your credit report, visit www.annualcreditreport.com.
(more…)
By Ondrej Krehel, Identity Theft 911
I’ve touted the benefits of fast, new solid-state drive technology (SSD) and the recent push toward hardware drive encryption more than once. Now, it seems, they might be making my job harder.
A group of Australian scientists discovered that the algorithms used to keep SSDs running in tip-top shape also destroy a host of hidden data—data that forensic investigators look for when researching drive usage and recovering forensic artifacts.
The team found that after a quick drive format the SSD began purging drive data almost immediately—a process of deep cleaning the disk or overwriting the old data with 1s and 0s. This is required for SSDs to write again, unlike magnetic media that can write new data on old data. In the researchers’ test case, only 1,064 evidence files were recoverable out of 316,666 files on the drive.
(more…)
by Adam Levin
By now almost everyone I know (and millions of people I haven’t had the pleasure of meeting yet) has read or heard about Sony’s announcement last week that its PlayStation network was hacked and that the Personal identifying Information (PII) of potentially 77 million individuals worldwide has been compromised. Then, earlier this week, Sony notified us that there’d been a second breach. This one involved the accounts of 25 million members of Sony Online Entertainment, which hosts the popular online game EverQuest, among other diversions. That means that the PII of more than 100 million Sony customers is now twisting in the wind. And now, a law firm in Canada has filed a class action lawsuit against Sony for more than $1 billion in damages on behalf of nearly one million Canadians.
It is a reasonable assumption that many minors inhabited both of these Sony networks. The stolen PII included names, dates of birth, email addresses, physical addresses, user IDs and passwords and at least some credit card information. Further, children or their parents might unwittingly give up additional information (or expose their computer to malware that would turn their home network into a broadcast vehicle for their financial account numbers and passwords) to a “phisher” pretending to be a legitimate Sony representative following up on the breach. Were they to give up their Social Security number, for example, someone could do quite a bit of damage, especially given children have no reason to check credit information for many years to come. Perhaps the fact that the breach was so large, and involved kids, explains why in a week that saw mile-wide deadly and horrific tornadoes, a US president publicly releasing his birth certificate, and precious metals prices reaching all-time highs, the PlayStation breach made the front page of the Wall Street Journal.
(more…)
By Matt Cullina, Identity Theft 911
Hours after the announcement that Osama bin Laden had been killed, cybercriminals launched information attacks targeting news-hungry consumers.
They flooded Facebook pages with invitations to see graphic images of bin Laden’s body to capitalize on the public’s interest in the al-Qaeda leader.
President Obama said May 4 that photos of bin Laden’s body won’t be released. So, computer users who click on fraudulent links of pictures of his corpse are instead exposed to malicious software or spam.
(more…)
By Matt Cullina, Identity Theft 911
Survivors of the tornadoes that killed hundreds in the South need to prepare for another threat, this one man-made: Fraudsters often target victims in the aftermath of this kind of large-scale natural disaster.
The violent storms that ravaged six states in April left thousands homeless and unable to access their personal documents. The tornadoes also scattered confidential personal information including bank and credit card statements and social security cards. This material may have blown miles away never to be recovered. Or it may wind up on a stranger’s front lawn.
The tornadoes were the country’s worst natural disaster since Hurricane Katrina struck in 2005. After Katrina, the FBI reported a marked increase in insurance fraud in the area. Of the more than 80 billion government dollars appropriated for reconstruction efforts in the region, it is estimated that insurance fraud accounts for between $4 and $6 billion.
(more…)
by Brian O’Connell
How prevalent is medical identity theft? Why are Americans so indifferent toward it (at their peril)? And what can consumers do to protect themselves from medical identity theft?
A recent national study claims to answer these questions. The National Study on Medical Identity Theft by the Poneman Institute, a California based think tank, concludes that medical identity theft is looming larger on the public landscape, yet many Americans seem to be either unaware or unconcerned of the risks associated with the problem.
The study is the Institute’s second annual look at the issue of medical identity theft. In it, researchers say that 1.5 million Americans are victimized by medical identity theft in the US, a number that is up slightly from 2010 numbers.
What should make Americans sit up and take notice is the average cost of a medical identity fraud case—which, according to the Poneman study, stands at an astounding $20,663.
(more…)
By Ondrej Krehel, Identity Theft 911
The computer security press reported a while back a hacker assault to the French Ministry of Economy, Finances and Industry. The method of attack wasn’t exactly novel—spear phishing of government employees opened the backdoor. It was, however, the largest such hacking attack against France.
The Australian government also was invaded recently, with the attacks originating in China. U.S. intelligence alerted the Aussies to the breach; it was not picked up by an internal detection process. This is no surprise: More than 50 percent of the organizations in the 2011 Verizon Data Breach Investigations Report were alerted to the breach by a third party.
Soon after the Australian breach was made public, the country’s National Audit Office criticized the Department of Prime Minister and Cabinet for allowing access to webmail services such as Gmail and Hotmail from government computers. Just like the breach in France, the employees were victims of spear phishing on personal accounts.
So why is spear phishing so successful?
(more…)
By Matt Cullina, Identity Theft 911
“It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.
- Warren Buffett
There is no US entity, be it baseball, entertainment, or otherwise that is exempt from a data breach. And no worse way to damage a reputation than by mishandling your customers’ most sensitive information.
According to a recent news story of the Yankees data breach, a New York Yankees employee accidentally emailed an internal document that contained sensitive information of more than 21,000 season ticket holders to approximately 2,000 clients. The information included the season ticket holders’ name, address, phone number, Yankees account number, seat number and more.
While the number of people affected in this breach pales in comparison to the 77 million affected from Sony’s PlayStation breach, or the numerous hospital and bank breaches being publicized every day, it illustrates the haphazard way in which businesses’ and consumers’ private data is being handled. No consumer is safe when giving out their personal information and no industry, business or entity is safe from employee negligence, cyber attacks or data theft.
(more…)
