Scam of the day – October 5, 2014 – More banks hacked by suspected hackers of J.P. Morgan Chase

With news of the massive data breach at J.P. Morgan Chase in which names, addresses, phone numbers and email addresses of 76 million households and 7 million small businesses were stolen by what appears to be Russian hackers who may or may not be affiliated with the Russian government dominating the news, it seems perfectly appropriate to wish you a happy National Cybersecurity Awareness month.  As frightening as the spectre of a major American bank being vulnerable to vulnerable to such a massive data breach, you may remember that when the story broke last August of the possible data breach at J.P. Morgan Chase, reports were that there were as many as four other banks that had similarly been hacked.  Now, according to a report in the New York Times, that number is actually risen to nine other major financial institutions that may have suffered data breaches at the hands of the same hackers.  Therefore even if you are not a customer of J.P. Morgan Chase, you should be extra vigilant in regard to all of your financial accounts.

TIPS

Now is the time to implement a eight step approach to protecting yourself from identity theft and data breaches.  The first step is to change your password regularly, such as every six months.  A good password has a mixture of capital letters, small letters, symbols and digits.  Don’t use any word in the dictionary because hackers have computer programs that can guess your password. Instead use a phrase, such as IHate2UsePasswords!!.  This is a very secure password.  You should also have a separate and distinct password for each of your accounts, but you can merely adapt this basic password by adding a couple of distinguishing letters for each account.  For example, you could make this your Amazon password by adding the letters “Am” at the end of your basic password so it reads IHate2UsePasswords!!Am.  This is easy to remember.

You should also use dual factor authentication on your accounts when available.  Dual factor identification provides you with an extra level of security by which more than a password is necessary to gain access to your account.  Generally, when you log in through your password to an account a code is then sent to your smartphone which you then must input in order to access your account.

You also should change the answer to your security question to something completely nonsensical.  Answering a security question is required if you forget your password or if you want to change your password.  Unfortunately the answers to common security questions, such as your mother’s maiden name can be found with a little effort by an identity thief in the many places on the Internet that store personal information.  So instead of the answer to your mother’s maiden name being “Jones,” change it to “Grapefruit.”  No identity thief will find it or guess it and it is silly enough for you to remember.

Don’t click on links or download attachments in any email, text message or social media posting unless you have absolutely confirmed that it is legitimate.  Identity thieves and hackers lure people into clicking on links in such communications that results in the victims downloading keystroke logging malware that can steal all of the information from your computer.

Don’t provide personal information over the phone to anyone whom you have not called.  You can never be sure if the person calling you is legitimate regardless of how compelling the reason he or she gives for you to provide personal information.  Don’t rely on your Caller ID because through a technique called “spoofing” an identity thief can make it appear that his or her call is from the IRS, your bank or some other legitimate entity.  If you think the call may be legitimate, hang up and call the company or agency at a number that you know is real, not the number the caller gives you.

Review all of your accounts regularly and carefully to note the smallest charge that should not be there.  Sometimes identity thieves will put regular reoccurring charges on your credit card or phone bill in the hope that you will not bother to look further into it because the charge is so small.  The earlier you catch identity theft, the easier it is to deal with.

Check your credit report from each of the three major credit reporting agencies every year for evidence of fraud or even mistakes that need to be corrected.  Here is the link to the only official place to get your free credit report https://www.annualcreditreport.com/index.action

Put a credit freeze on your credit report so that even if an identity thief obtains your Social Security number, he or she cannot gain access to your credit report.  Yesterday’s Scam of the day contains the links to the credit reporting agencies to use to freeze your credit.

Scam of the day – May 30, 2013 – Iranian attacks on American banks

It should come as no surprise to regular readers of Scamicide because I have been warning you about this for many months, that the American banking system is under intense cyberattack from cybercriminals intent upon disrupting our financial system.  These attacks could have a  profound effect on you if you do not take the proper precautions.  Recently the source of many of these cyberattacks has been traced to Iran and, due to the sophistication of the recent attacks, it is speculated that the attacks are part of a governmental effort against the American banking system rather than the work of just common cybercriminals.  This situation will get worse before it gets better, however there are some things that you can do to protect yourself.

TIPS

Be a part of the solution and not a part of the problem.  Online banking is still the most safe way to do your banking, but online banking security starts with a secure password that is difficult for cybercriminals to decipher.  Don’t use any word that is in the dictionary.  Computer programs used by identity thieves can crack any such password in short order.  Use a mixture of letters and symbols, the longer the better.  Including signs that are easy for you to remember, such as $ or ! and in multiples as a part of your password can dramatically enhance the security of your password and your account.  Also, refrain from using public WIFI for financial transactions and when you do use WIFI, make sure your tablet, laptop, or smartphone contains the most up to date security and encryption software.  Also, keep hard copies and a USB flash drive of your banking records to help prove what you have in your account if you account is hacked.  Finally, when disposing of paper records of your bank account, make sure you use a cross shredder so that the records cannot be used to make you a victim of identity theft.