EBay falls for false EBay email!!

Sensei Posted in Identity Theft
0

From the you can never be to careful category… Ebay tricked by phony e-mail. A sophisticated phishing attack has proven to be so successful, it has tricked eBay Inc.’s own fraud investigations team into endorsing it as legitimate, according to an independent security consultant who reported the attack to eBay. In late November, Richi Jennings received a fraudulent e-mail message containing the subject line “Christmas is Coming on ebay.co.uk.” Offering him “great tips for successful Christmas selling,” the message directed him a Website that asked Jennings to enter his eBay user name and password, as well as the name and password for his e-mail account. Jennings reported the site to eBay on November 25, and four days later he got a note back from the company’s investigations team claiming that the e-mail message was, in fact, “an official e-mail message sent to you on behalf of eBay.” On Monday, December 5, eBay spokesperson Amanda Pires confirmed that the e-mail message was indeed part of a fraud, but she could not explain why it had
initially been identified as legitimate. Pires said that eBay had been working to take down the phishing site since November 8.
[ Source ]

Hackers using Camera Phones!

Sensei Posted in Identity Theft
0

Hackers steal sensitive data using digital cameras. Following a spate of reports about Bluetooth and iPods devices being used to steal sensitive data from organizations, businesses are now urged to be vigilant as hackers use digital cameras to sidestep security measures. “Camsnuffling,” is being used by computer attackers to extract and store data with the help of digital camera. The digital camera device, just like iPod and Bluetooth, is a simple digital storage device. Hence, simply plugging it into a computer’s USB can allow
hackers to obtain sensitive data. “This is a very difficult issue to manage and a real threat to business continuity and data security,”
according Ian Callens, of computer services company Icomm Technologies. “There are, however, steps that can be taken to reduce rogue behavior,” said Callens. “Firstly, regularly change system passwords that employ both letters and numerals. Secondly, issue internal memo’s to ask all to be vigilant, stating that observations are being undertaken. Thirdly, consider adopting specific software to monitor activity to actively manage the access rights to removable storage devices. This should ensure that business productivity is not affected, while actively guarding against the removal of data or the introduction of inappropriate or malicious content to the network,” said Callens.
[ Source ]

University Computer’s Breached

Sensei Posted in Identity Theft
0

Two university computers’ security breached. Two recent security breaches of computers at the University of Delaware may have exposed the names and Social Security numbers stored in databases, university officials said. A School of Education computer was attacked in late August by a hacker whose intent appears to have been to establish an illegal movie sharing system. The computer contained a database that included Social Security numbers of 772 students registered in online education courses. A Department of English computer also was hacked in August in an apparent attempt to log on to and control one server, and then gain control over other campus servers. In both of the unrelated cases, the objective of the intruder seemed to be unrelated to the fact the databases contained personal information, officials said. To date, there has been no indication that any identity theft has occurred as a result of these incidents. The University of Delaware is located in Newark, DE.
[ Source ]

IRS Email Scam

Sensei Posted in Identity Theft
0

Internal Revenue Service – IRS warns of e-mail scam about tax refunds. The Internal Revenue Service on Wednesday, November 30, issued a consumer alert about an Internet scam in which consumers receive an e-mail informing them of a tax refund. The e-mail, which claims to be from the IRS, directs the consumer to a link that requests personal information, such as Social Security number and credit card information. This scheme is an attempt to trick the e-mail recipients into disclosing their personal and financial data. The information fraudulently obtained is then used to steal the taxpayer’s identity and financial assets. The fake e-mail, which claims to come from “tax refunds@irs.gov,” tells the recipient that he or she is eligible to receive a tax refund for a given amount. It then says that, to access a form for the tax refund, the recipient must use a link contained in the e-mail. The link then asks for the personal and financial information.
The IRS does not ask for personal identifying or financial information via unsolicited e-mail. Additionally, taxpayers do not have to complete a special form to obtain a refund.
[ Source ]

Defense Industry ID Theft

Sensei Posted in Identity Theft
0

Laptop stolen from aerospace company holding personal information on employees. Boeing announced on Friday, November 18, that personal information on 161,000 current and former employees was put at risk of exposure with the theft of a laptop computer belonging to a company human-resources employee. The exposed information includes names, Social Security numbers and, for some, birth dates, bank names and account numbers. Also on the stolen computer are some employees’ home addresses and bank-account routing numbers for direct-deposit paychecks. Boeing said it has no evidence that the theft, which took place away from Boeing’s offices, has resulted in any information being revealed.
It said there was no classified, supplier, customer, engineering or material financial information on the computer. It’s very possible no one has accessed the data, and even if they did, it would be quite an effort to put it together in a usable format,” said spokesperson Tim
Neale. The computer is password-protected, though the data on it isn’t encrypted, he said.
Convenient for them to think there isn’t a problem because it would be difficult to compile the data on this unecrypted, non-password protected system! Glad to see our defense industry takes security so seriously, perhaps that is why China has made so many technology advances recently.
[ Source ]

Identity theft continues to grow

Sensei Posted in Identity Theft
0

Identity thieves, some acting alone and others well-organized, are fleecing Americans out of billions of dollars each year, participants were told Wednesday at an annual conference of the South Dakota Housing Development Authority. Even tiny scraps of information, such as someone’s name or address, can be enough of a start for wily crooks to gain access to bank accounts and other financial holdings, said Robert Douglas, chief executive officer of Privacy Today, a Colorado-based firm that provides consulting services on data security and identity fraud. Douglas said identity fraud is flourishing because many people are gullible or careless with information that can be used to steal money, stalk the unsuspecting or even provide targets and financing for terrorists.
Like in most cases of defense it is the victims trusting nature, gullibility or carelessness that often puts them in harms way. Awareness training is what is lacking. Parents should be teaching their children to be more aware of the dangers in the world, I’m sure the parents who have had their idenitity stolen will!

Safeway Discloses Security Breach

Sensei Posted in Identity Theft
0

Monterey Herald (CA) — Safeway Inc. has notified employees in California that their personal information may have been compromised when a company laptop was stolen from a manager’s home in August. The computer contained reports that included names, Social Security numbers, hire dates and work locations of employees in California and Hawaii, according to a company letter sent to current and former employees dated October 14. No employees have reported problems with their credit since they became aware of the situation, according to Safeway representatives. The computer was protected with a power on password.
[ Source ]

How easy is it to steal someone’s identity?

Sensei Posted in Identity Theft
0

Slashdot, a popular technology news blog, is running this discussion on what can really be done without a social security number. Most of the posted comments trend towards the juvenile however there are enough insightful posts to make it worth perusing. Many of the ideas and views presented help to illustrate the problem we have in protecting ourselves from Identity Theft. Unfortunately in discussing this topic the information is usually as beneficial to criminals as it is to people attempting to protect themselves, however, the criminal mind will undoubtedly figure this out regardless. An interesting comment was about the ease with which Identity information (social security number, mother’s maiden name, DOB, POB, etc) was elicited from University students with the simple offer of some trinkets! What better person’s identity to steal then a budding college student!
This line of thinking brings me full circle back to the Martial Arts and Self-Defense, you are never to young to begin awareness training. Parents take note, the earlier your child begins awareness training the less likely they will fall for a similar scam or find themselves in a hostile situation. How does this relate to Identity Theft, awareness is the first line of defense in any type of protective maneuvers. Awareness of your surroundings and those round you will often serve to thwart most attacks, including a social attack to gain your identity! So the next time someone offers you a free t-shirt to give up your identity, think about it first! And for all you adults reading this, it is never to late to start your own awareness training!

Police Scammed!

Sensei Posted in Identity Theft
1

This is a few days old but seemed worth repeating! Seems no one is immune to the wiles of a good con artist! Not even the Police, who should know better!! Seems a Wisconsin man has been jailed in hurricane scam. A man from Green Bay, WI, accused of perpetrating a Hurricane Katrina scam, is jailed on $50 million dollars bond in New Orleans. Scott Benson is charged with extracting personal information from 2,500 police officers and other emergency workers in New Orleans following the hurricane. Benson is booked on 2,500 counts of false impersonation and 2,500 counts of identity theft. Prosecutors say Benson and another man, Christ Armstrong of Orlando, FL, had officers sign application forms that included personal information in order to receive $5,000 dollars from Viacom. The men are accused of planning to use information from the emergency workers to steal disaster assistance that was supposed to go to hurricane victims.
Source

University increases students risk of Identity Theft

Sensei Posted in Identity Theft
0

Montclair, NJ, USA
A mistake made by a Montclair State University (MSU) employee has put more than 75 percent of the university’s undergraduates at risk for identity theft. For the past five months, the Social Security numbers of 9,100 MSU undergraduates were searchable by Internet search engines. The university was advised of the problem on October 7 when a student, who found his personal information online after an Internet search, contacted MSU’s Information Technology Department. According to Ann Frechette, MSU’s executive director of communications and marketing, a university employee accidentally stored the Social Security numbers and declared majors of the students on MSU’s Web server. The employee, Frechette said, believed the files were secure, or nonsearchable, because they were not linked onto the university’s Website. “But in fact, anything stored on the Web server is searchable by Web engines,” Frechette said. Working with the New Jersey State Attorney General’s Office, the university was able to remove all files from Internet caches by October 12, five days after the university was notified about the problem. MSU is located in Montclair, NJ.
[ Source ]