Posts Tagged: ‘hackers’

Scam of the day – May 5, 2013 – Data breaches at small businesses – what it means to you

May 5, 2013 Posted by Steven Weisman, Esq.

Verizon has just released its 2013 Data Breach Investigations Report analyzing data breaches around the world and found that hackers in foreign countries, particularly China, Romania, Bulgaria and Russia are responsible for many of the attacks on businesses large and small resulting in data breaches.  Sometimes the hacks are intended to obtain company secrets while other times the goal is personal information about a company’s customers that can be used to make the company’s customers victims of identity theft.  More and more hackers are targeting small businesses because they are both a treasure trove of information and because many of these companies have lax security making them easy targets for the hackers.  It has been estimated that as much as 80% of the data breaches could be prevented by using two-factor authentication when accessing company computers and their data.  This is not a costly security measure to implement, but most companies still do not do this.

TIPS

As I always tell you, you are only as secure as the company or agency with the weakest security that holds your information.  Therefore it is important that you limit, as much as possible, the companies and agencies that hold personal information about you that can be used to make you a victim of identity theft.  And although it is certainly convenient to leave your credit card number on file with companies with which you do business online rather than input it each time you do business with a particular company online, you are safer not leaving your credit card number in the computers of companies that may be hacked.  You also should inquire of any company that does hold personal information about you as to their security measures to safeguard that information.

Read full article |Leave a comment
Tags: , , , , , , , , , , , , ,
Categories: Site Related

Scam of the day – April 28, 2013 – LivingSocial hacked, data on 50 million customers stolen – what it means to you

April 28, 2013 Posted by Steven Weisman, Esq.

LivingSocial, which is an online company that provides an assortment of deals on all types of goods and services just announced that it had been hacked and data on 50 million of its customers was stolen.  The good news is that the hackers did not get customers’ credit card numbers.  The bad news is that they did get their names, email addresses, dates of birth and encrypted passwords.  It is important to remember that even though the passwords were encrypted, due to the manner of the encryption of the passwords, it is still possible, albeit difficult, for the hackers to crack the encryption and gain access to the passwords.  The danger to LivingSocial customers cannot be overestimated.  Identity thieves and scam artists can use the email addresses and names to enable them to do a type of scam called “spear phishing” through which you will get a phony email from the scammer posing as a company or agency with which you have a relationship in which you are lured to click on a link or download a document that contains malware such as a keystroke logging malware program that can steal all of the information on your computer, such as passwords, credit card numbers, your Social Security number and other information that can be used to make you a victim of identity theft.  People are more likely to fall for a spear phishing scam because the email uses your name and is directed to you personally.  Having your email address also makes it easier for a scammer or identity thief to take control of your email account and send phony emails to friends of yours that may contain malware.  Finally, since many people use the same password for multiple accounts, if your LivingSocial password is cracked, you are in danger on any account where you use that password.

TIPS

This hacking once again illustrates that you are only as safe as the companies with which you do business with the weakest security.  Never leave your credit card number to be stored by a company merely for convenience in making purchases in the future.  If you are a LivingSocial user, change your password for LivingSocial as well as every other company with which you do business.   In fact, it is a good idea to regularly change your passwords and make them different for each company.  Check your email for indications that it has been hacked into and if it is, follow the instructions for remedying the situation found elsewhere on Scamicide and in my book “50 Ways to Protect Your Identity in a Digital Age.”  Never click on links or downloads unless you are absolutely sure that they are legitimate and keep your security software up to date.

Read full article |Leave a comment
Tags: , , , , , ,
Categories: Site Related

Scam of the day – April 20, 2013 – Bluetooth scams

April 20, 2013 Posted by Steven Weisman, Esq.

Bluetooth technology has proven to be a boon to hands-free use of our smart phones.  Often this technology is used to pair up the smart phone with a car’s technology system, such as the widely used Sync system in Ford vehicles.  But just as this technology can be used to make our lives easier and better, it can also be used by identity thieves to steal information from our smart phones.  Identity thieves will hack into our smart phones using readily available and cheap technology.  They will then steal information stored on your smart phones to make us a victim of identity theft and although many of us take great precautions to keep our computers safe, we often to do not take the necessary steps to keep our smart phones and other portable devices safe.

TIPS

Make sure that you use a complex password that combines letters and symbols on your smart phone.  Even just a few exclamation points at the end of a password can provide greatly enhanced security for your smart phone.  Also it is important to switch your Bluetooth into the “non discoverable” mode when you are not using it to keep identity thieves from hacking into your smart phone.  Finally make sure that you install and keep updated, security software for your smart phone.

For more tips on how to keep your identity safe and secure on your smart phone, check out my book “50 Ways to Protect Your Identity in a Digital Age.”  It can be purchased at a discount from Amazon by merely clicking on the picture of the book on the right of this page.

Read full article |Leave a comment
Tags: , , , , ,
Categories: Site Related

Scam of the day – April 14, 2013 – Bank teller pleads guilty to identity theft

April 14, 2013 Posted by Steven Weisman, Esq.

Recently Kelly Taplin of Byram, Mississippi pled guilty to charges of aggravated identity theft.  He will be sentenced on July 11, 2013 and is facing a mandatory two year prison sentence as well as a fine that could be as high as $250,000.  Taplin was employed as a teller at the Trustmark National Bank in Byram, Mississippi where she had access to a customer’s name, Social Security number and date of birth.  She used this information to take out a loan in the customer’s name, the proceeds of which she used for her own personal purposes.  This case again points out that regardless of what you do, you are vulnerable to identity theft because of the many places that have personal information on you that can be accessed either by an identity thief who hacks into the information from outside a company with which you do business or, as in this case, by an identity thief within the company itself who has access to your information.

TIPS

If you are a regular reader of Scamicide or have read my book “50 Ways to Protect Your Identity in a Digital Age,” you are aware of the many important steps you need to do to protect yourself from identity theft.  However, even if you do all of these steps, you are still a potential victim of identity theft because of all of the companies and agencies that have personal information about you that can be used to make you a victim of identity theft.  It is therefore important for you to limit as much as you can, the personal information that you provide to any company or agency with which you do business.  In particular do not provide your Social Security number unless you must.  However, you should also ask any company or agency that does gather your personal information what they do to protect the security of that information from outside hackers or inside criminals and then try to limit your involvement with companies that do not properly protect your information.

 

Read full article |Leave a comment
Tags: , , , , , , , ,
Categories: Site Related

Scam of the day – March 15, 2013 – Important Adobe Flash Player Updates

March 14, 2013 Posted by Steven Weisman, Esq.

Adobe, which makes the flash Player used by many of us on our computers and portable devices has just issued new security updates to correct vulnerabilities that could be exploited by hackers to install malware on your computer or portable device that would enable the hacker to steal all of the information from your computer as well as control your computer and make it part of a botnet, a network of computers taken over by hackers that use your computer to spread malware.  It is important to install these latest software security updates as soon as possible.  As I have often said, hackers are constantly working to detect and exploit security flaws in the software we use.  Software developers are working just as hard to plug up vulnerabilities as they are discovered.  Therefore it is critical to your personal security to install updates as soon as they are available.

TIPS

Here is a link to the security bulletin of Adobe which will provide you with all the assistance you need to download the proper security update for your particular computer or portable device.

http://www.adobe.com/support/security/bulletins/apsb13-09.html

Read full article |Leave a comment
Tags: , , , , ,
Categories: Site Related

Scam of the day – March 14, 2013 – Michelle Obama and 22 other public figures hacked – what it means to you

March 13, 2013 Posted by Steven Weisman, Esq.

News about a website that has put on line huge amounts of personal information about 23 famous politicians, celebrities and sports figures including, Beyonce, Vice President Joe Biden, Hillary Clinton, Hulk Hogan, Attorney General Eric Holder, Kim Kardashian, FBI Director Robert Mueller, Michelle Obama, Sarah Palin, Arnold Schwarzenegger, Donald Trump and Tiger Woods has been everywhere.  What happened was that hackers were able to hack into the website www.annualcreditreport.com and get access to the credit reports of each of these people which contained large amounts of personal information that in the hand of an identity thief could bring serious harm to the people whose information was accessed.  Instead of quietly using this information to victimize these people,these particular hackers chose to make all of the information public and put these people in serious jeopardy.  But what does this mean to you?  It is another example of how you are only as safe as the place storing your information with the weakest security.  In this case, an obvious flaw in the verification process permitted the hacker to pose as each of the victims and get their no longer private information.

TIPS

Getting access to the Social Security number of each of the victims was an important first step in the hacking.  The Social Security number is a key to identity theft and it is something that you should try to keep private, as much as possible.  There are plenty of ways that a determined hacker can get a Social Security number, but don’t make it easy for them.  Don’t provide it to places that do not need it and do not carry your Social Security card in your wallet or purse.

 

Read full article |Leave a comment
Tags: , , , , , , , , ,
Categories: Site Related

Scam of the day – March 9, 2013 – Important software security updates

March 9, 2013 Posted by Steven Weisman, Esq.

Identity thieves and hackers continuously try to exploit vulnerabilities in software programs that we all use in order to permit them to avoid security features and hack into our computers or perform other misdeeds.  It is critical to update the various software programs that you use as quickly as new patches are issued to address these vulnerabilities.  The delay or failure to do so can be devastating.  I will keep you updated as soon as new updates are issued and also provide links that you can trust to go to the proper places to download the patches.  Google has just issued a patch for its Google Chrome program for Windows, Linux and Macs.  If you use Google Chrome you should download the latest updates that apply to you.  In addition, a number of other companies have also issued security updates that you should install immediately.

TIPS

Here is a link from the United States Computer Readiness Emergency Team, which is a part of the Department of Homeland Security with a list of all of the most recent security patches and links to those patches.  You should definitely update those programs that apply to you.

http://www.us-cert.gov/ncas/bulletins/SB13-063

 

Read full article |Leave a comment
Tags: , , , , , , , , , ,
Categories: Site Related

Scam of the day – March 6, 2013 – Evernote hacking danger

March 5, 2013 Posted by Steven Weisman, Esq.

Evernote is a popular on line service that helps you store notes, files, web pages and images on all of your electronic devices.  It has both a free and a premium service for which you pay.  Unfortunately Evernote is also popular with identity thieves as evidenced by its being hacked.  Evernote announced the hacking a couple of days ago.  According to Evernote, the hackers managed to steal the names, email addresses and encrypted passwords of its customers.  Evernote is confident that its encryption program will protect the passwords of its users, but only time will tell.  Evernote also stated that it did not believe that credit card numbers used by its premium customers had been accessed.  Again, however, premium users of Evernote should be particularly vigilant in monitoring their credit cards.  Despite its position that no passwords had been stolen, Evernote is requiring all of its customers to obtain new passwords.  The ONLY place to do this is on Evernote’s website at www.evernote.com.

TIPS

Users of Evernote should be particularly wary of an identity theft tactic called “spear phishing.”  Spear phishing occurs when you get an email that lures you to a phony website or link where you either become victimized by providing information that is used to make you a victim of identity theft or causes a keystroke logging malware program to be downloaded when you click on the link or download tainted material that steals all of the information from your computer including bank account numbers, Social Security number, credit card numbers and other information that makes you a quick victim of identity theft.  What makes spear phishing particularly insidious is that unlike most phishing emails which never use your name, spear phishing is directed to you by name which makes many people more trusting of the email.  As I always say, “Trust me, you can’t trust anyone.”  Identity thieves will be contacting people by email posing as Evernote and telling them that they need to change their password by clicking on a link contained in the email or by providing other information.  Do not fall for this ruse.  Evernote is not contacting people by email, but the identity thieves who stole their email list will be.  The only place to change your password is www.evernote.com.  This is also another good example of the fact that your security is only as safe as the weakest place that holds your information.  Limit the places that do have personal information about you as much as possible.

Read full article |Leave a comment
Tags: , , , , , , , , , , ,
Categories: Site Related

Scam of the day – March 1, 2013 – How to protect yourself from the next Facebook hacking

March 1, 2013 Posted by Steven Weisman, Esq.

Many people spend a considerable amount of time on Facebook.  Identity thieves and hackers know this and are focusing their efforts against both Facebook as a company and individual Facebook users, attempting to gather personal information that can be used to make you a victim of identity theft.  Many people have already been victimized by identity thieves and hackers who are able to either gather information from your Facebook account to make you a victim of identity theft or induce you to download keystroke logging malware that steals all of the personal information from your computer including your Social Security number, credit card numbers, bank account numbers, passwords and other information that leads to your becoming a victim of identity theft.

TIPS

There is nothing you can do to totally guarantee that you will not become a victim of identity theft, however, there are important and relatively easy steps that you can take to protect yourself from identity theft when using Facebook.  Don’t use your proper name for your account.  Don’t make it easy for an identity thief to see who you are.  Don’t list your real birth date.  This is another piece of information that can be exploited by an identity thief.  Never store your credit card number on Facebook or any other website for convenience.  This also makes it quite convenient for an identity thief to access your credit card if he or she hacks into Facebook or your account there.  Be careful about the amounts of what may appear to you to be innocuous information on your Facebook page.  Some of it can lead to the answers to your security questions on various accounts of yours.  Don’t befriend anyone who asks.  Among those new friends might be identity thieves.  Never click on links or downloads from your “friends” unless you have confirmed that both the message containing the link or download actually came from them as opposed to an hacker who has hijacked their account and  that the material being sent is secure.  Follow these steps and you will put a happy face on your Facebook page.

Read full article |Leave a comment
Tags: , , , ,
Categories: Site Related
« Older Entries