This is the eleventh year in a row that the Federal Trade Commission has stated that the number one complaint lodged with it is identity theft. It ranked higher than debt collectors, which was second, and phony sweepstakes. The agency continued by saying that the fasting growing type of this fraud is called impostor scams. In this form of the crime, the would-be fraudster will pose as someone you know, government agencies, trusted companies, or even family, to coax information out of you or get you to buy into their schemes.

This tax season can make you a target. If you get e-mails from the IRS (logo and all), requiring a credit card number to settle outstanding debts, don’t believe the threats the e-mail says about garnishing your wages or imposing liens on your home. This is not how the IRS performs an audit. The IRS doesn’t e-mail or call. They send a notice in the mail. So don’t buy this one.

The other scam the FTC said to be aware of in an evolution to social networks. Grandma and Grandpa are set up on Facebook or some other social network. It was a cute and convenient having setting them up on there, but now they are big victims. This scam uses hacked social network accounts to beg for emergency loans because of stolen wallets or unjust imprisonments, etc. “Send money quick!” is proving to be much more effective than when the scammers were using phone calls.

The FTC is being swamped with new cases daily, and can only do so much on an individual level. The greatest protection at this point is still awareness. It is easier to be what you can identify. The FTC has posted a tip sheet on spotting impostor scams at http://www.ftc.gov under “consumer protection.”

No tags

I man placed a number of pictures on a photo sharing site. He never expected what would happened next.

“Some five years ago, Israeli expat Noam Galai posted a series of five photos of himself screaming on Flickr. Since then, those photos have been reproduced hundreds of times in various forms of media across ~40 countries including Iran, where his face was used as a symbol of civil unrest in anti-government protests.

The kicker? Galai had no clue this was going on.”

-The Daily What

“Artists like their work to be published and seen by as many people as possible… it’s another way to publish my work. It’s not me publishing it, but other people publish my work for me.”

There are setting on such sites to regulate the permission of their redistribution, copyrights, and privacy.

No tags

The next generation of credit cards has been pushed into the limelight. MasterCard has begun using Debit Display on both its MasterCard and Maestro brands in Turkey. These cards generate a random six figure number for per-use entry at the touch of a button on the card itself. The hope is that this will cut down on the identity thefts that occur when the card is not present and it is just the card number the fraudster has.

The downside is that these tiny screens displaying the randomly generated next level of security are LCD. Anyone with a bit of tech experience knows that LCD screens are not exactly impact or bend resistant.

Its a start. The message rings true. As with a great many other industries, the attention has come back to the customer. In a fight to get away from the clutter and the desire to claim more brand awareness, companies are no longer “selling” to us. Rather, they are “catering” to our needs and acknowledging our concerns like a 12-year-old seeking validation from a parent. “Look what we are doing for your security,” these corporate giants are shouting. “We care about your family and your finances!”

The up side to this arms race is the benefits for the consumer keep coming like reparations for years of manipulation and neglect.

No tags

Do You Know Where Your Signal & Data Go?

For starters, no one is more thrilled about WiFi, cloud computing, smartphones or any form of wireless tech than I. But do you know where that little signal goes when you update your Facebook status from your iPhone 4 in the Starbucks on 3^rd and Cherry? Fact of the matter is: I didn’t either. So I did some searching. What I found made me seriously uncomfortable.

Dan Wallach and his undergraduate security class were able to listen in on his Android smartphone as it sent out the signals required to perform certain processes. In particular, the focused on Facebook, Google, and twitter. The used Wireshark, a “network protocol analyzer”, which basically means it grabs traffic midstream and lets the user “browse and analyze”.

What these kids found out is that certain apps, like Soundhound and ShopSaavy actually transmitted the phones GPS coordinates when they were used to make a request. Clicking on some ads within apps will do the same thing too. The VPN configs Android will let you do won’t stop the transmission of these coordinates either. Eerie right? It gets worse.

Google did the best job encrypting your traffic. Still, it doesn’t do it for your Google Calender. This means an eavesdropper can definitely see all your calendar transactions.

So where are you social media outlets at? Well:

“Twitter does everything in the clear, but then your tweets generally go out for all the world to see, so there isn’t really a privacy concern. Twitter uses OAuth signatures, which appear to make it difficult for a third party to create forged tweets.”

and

“Facebook does everything in the clear, much like Twitter. My Facebook account’s web settings specify full-time encrypted traffic, but this apparently isn’t honored or supported by Facebook’s Android app. Facebook isn’t doing anything like OAuth signatures, so it may be possible to inject bogus posts as well. Also notable: one of the requests we saw going from my phone to the Facebook server included an SQL statement within. Could Facebook’s server have a SQL injection vulnerability? Maybe it was just FQL, which is ostensibly safe.”

No tags

This news hails from Germany, where researchers from the Fraunhofer Institute found a method to retrieve all the secrets of your iPhone. They needed six minutes and no authorization. Bid adieu to your private data.

The good news is that any would be hacker/fraudsters need to gain physical access to your device. This means they cannot gain access to your stuff if you never lose the phone, remote attacks are still not known to be possible. The hack reveals user passwords, along with other sensitive info. The phones firmware is compromised, meaning it is jailbroken. After this a series of scripts are run through the device which are capable of getting around the iPhone’s original encryption. The encryption itself remains intact as passwords for email accounts, Wi-Fi networks, and many other things, are yanked from the device. Once the attacker has your emails, Facebook accounts, Twitter accounts, and whatever else can be reset or breeched as well.

Any iOS device currently running the newest Apple firmware could be victimized.

Your greatest safety measure is of course to never let your apple mobile device out of your possession. If an iPhone is lost, don’t abandon all hope, rather go and change all of your email, Amazon, Facebook,  and Twitter accounts immediately. Any service that you logged into from the phone could be in jeopardy. Assume such.

No tags

Image by http://linesandmoodswings.com/

No tags

The world is online. Our good friend Mr. Gates once said “The Internet is becoming the town square for the global village of tomorrow.”  Bill wasn’t wrong. But even small towns have perverts, killers and criminals. They have Facebook in some of the more poverty-stricken and crime-saturated places in the world. You need to make sure your profile is not open to be viewed by anyone, that information like your phone number or home address isn’t there for all to see, and that you’re overall protected.

Many people use Facebook.com as a way to publicize an event they are planning. This is a great tool. There are a few reasons why it’s dangerous to leave such events open to the public. For one, you often need to leave contact information for such events to ensure people will have someone to talk to if they get lost getting there or if they have questions regarding what to bring. Anyone can see this if the event is left public. In the sense of house parties: Do you really want your boss, the authorities, or in some weird twist, the local news, to see what you are planning, what people are saying, who is going, or where it is? Privatize your events.

When it comes to photos, you don’t want every Tom, Dick, and Harry to see them. Upload photos to your wall only. If you go and edit your privacy settings to prevent certain people from seeing your statuses, this will be replicated to wall photos too (unless you specify otherwise). If anything select the friends only for the “make visible to” setting. You can specify if there are others you do not wish to have see your profile and its accompaniments.

Lastly, bare-bone your profile information. There is no need for you to tell everyone where you grew up, where you are living now, what day of the month you were born on, and what your sexual preference is. Please use caution when typing anything into the “About me” text block too. Go to “profile” and then “edit profile” to make changes.

The whole guide provided by Zdnet.com can be found here.

No tags

The digital age has brought about a great many changes in everyone’s lives. It has enabled documents and pictures to be exchanged in seconds. It has allowed for communication across the world. It has however, incurred changes that are negative in nature as well. The theft of people’s personal information has become a growing epidemic of a crime. The faceless nature of internet use has spawned new socially stigmatic behaviors.

Stalking someone online comes with an unfortunate list of advantages for those partaking. As stated earlier, there doesn’t need to be a face attributed to the unscrupulous actions. The stalking can take place in the confines of their own homes. All the info, pictures, updates, check-ins, and blog postings you make public are capable of being viewed by someone in an unhealthy manner. What’s worse, you will never be made aware of this.

Then there is big brother. Maybe it’s not a stalker you need to be worried with. Maybe it’s the fact that you are constantly being monitored and catalogued. Whatever the case may be, you can get off the grid. It’s hard. Some sacrifices need to be made. And it takes changing some habits and lifestyle choices. These are extremes I know, but humor me. This is how you disappear, complements of How to Disappear: Erase Your Digital Footprint, Leave False Trails, and Vanish without a Trace by Frank M. Ahearn and Eileen C. Horan.

• When you do go off the grid, there is no fuss and no elaborate drama.
• Nix the social connections. This means saying goodbye to social networks like Facebook
• Say goodbye to credit cards. Its cash from here on in.
• Lie. If and when people seek you out, you want them looking in the wrong places. (i.e. “correct” the spelling of your name with the local utility company)
• Make and use your own corporation as an entity that leases your apartment, pays your utility bills, and otherwise delegates your money.

No tags

There is an organization that’s sole purpose is to help people who have become victims of identity theft. It is called the National Organization for Victim Assistance (NOVA). NOVA provide consumers with aid and awareness that is needed following an identity theft. NOVA does not require a specific set of criteria and is available to all victims of identity theft. They can be reached online, www.trynova.org or by calling 1-800-TRY-NOVA.

Another entity working against this growing crime is The National Crime Prevention Council (NCPC) they are working together with the company LifeLock to develop the “Identity Smart: A Guide for Consumers to Help Protect Against Identity Theft.” This is a free book that is available for download and can be shared with everyone in your communities. If you or someone you know may be interested in educating your community about identity theft this can be a huge step. They help to educate consumers and do so free of charge. You can check out their Speakers Series to learn more.

Contact Information:

Paige Pedersen, Manager, Educational Programs
Office: 480-457-2108
E-mail: paige.pedersen@lifelock.com

No tags

The FBI Law Enforcement Executive Development Association (FBI-LEEDA) is going to working closely with the identity protection company LifeLock® to sponsor an identity theft summit for Dallas-area law enforcement on Thursday, January 6, 2011.

The summit will be made available for Chiefs, Sheriffs, Investigative Supervisors, Fraud Unit Investigators, Patrol Officers and Community Policing Personnel, Special Agents, Elected Officials. Since 2008 when the two entities joined forces, 2,600 law enforcement officials have received education on the topic of identity crime, prevention, and trends.

The FBI-LEEDA is considered a 501(c)(3) corporation, a type of non-profit. Their partner in the event, LifeLock®, has been considered by some as the industry leader in proactive identity theft protection.

Both parties will help to present a one-day and an advanced two-day summit. The summit will cover:

• Relevant Identity Theft Laws
• High Technology Identity Theft
• Identity Theft Awareness And Protection Strategies
• Databases To Assist In Identity Theft Investigations
• Victim’s Assistance
• Investigative Techniques

Hosted by Sheriff Lupe Valdez and the Dallas County Sheriff’s Office, the summit in Texas is free to all law enforcement. The next event will take place in Fargo, ND on May 24.

No tags