From Dark Reading:
FBI: Business- and Email Account Compromise Attack Losses Hit $5 Billion
"The FBI's IC3 division reports a 2,370% spike in exposed losses resulting from BEC and EAC between January 2015 and December 2016.
The FBI's Internet Crime Complaint Center (IC3) reports business email compromise (BEC) and email account compromise (EAC) attacks caused $5.3 billion in exposed loss for global and domestic companies between October 2013 and December 2016. Victims, which come from 50 states and 131 countries, reported a total of 40,203 incidents in the same time period."
Showing posts with label ID Theft. Show all posts
Showing posts with label ID Theft. Show all posts
Friday, May 5, 2017
Europe Pumps Out 50% More Cybercrime Attacks Than US
From Dark Reading:
Europe Pumps Out 50% More Cybercrime Attacks Than US
"Cyberattacks originating from Europe were substantially higher than nefarious activity launched from the US during the first quarter.
Cybercrime attacks launched from Europe reached more than 50 million in the first quarter, double the volume coming out of the US, according to the ThreatMetrix Q1 Cybercrime Report released today."
Europe Pumps Out 50% More Cybercrime Attacks Than US
"Cyberattacks originating from Europe were substantially higher than nefarious activity launched from the US during the first quarter.
Cybercrime attacks launched from Europe reached more than 50 million in the first quarter, double the volume coming out of the US, according to the ThreatMetrix Q1 Cybercrime Report released today."
Thursday, May 4, 2017
Google Docs Phishing Attack Abuses Legitimate Third-Party Sharing
From Dark Reading:
Google Docs Phishing Attack Abuses Legitimate Third-Party Sharing
"Phishing messages appear nearly identical to legitimate requests to share Google documents, because in many ways, they are.
Google users today were hit with an extremely convincing phishing spree launched by attackers who manipulated Google Docs' legitimate third-party sharing mechanism."
Google Docs Phishing Attack Abuses Legitimate Third-Party Sharing
"Phishing messages appear nearly identical to legitimate requests to share Google documents, because in many ways, they are.
Google users today were hit with an extremely convincing phishing spree launched by attackers who manipulated Google Docs' legitimate third-party sharing mechanism."
Concern mounts at Indian ID scheme as portals ‘leak’ 100m people’s details
From Sophos Naked Security:
Concern mounts at Indian ID scheme as portals ‘leak’ 100m people’s details
"The details of more than 100m Indians’ Aadhaar ID cards have leaked from four government portals, according to a report from the Centre for Internet and Society (CIS).
Concern mounts at Indian ID scheme as portals ‘leak’ 100m people’s details
"The details of more than 100m Indians’ Aadhaar ID cards have leaked from four government portals, according to a report from the Centre for Internet and Society (CIS).
Based on the numbers available on the websites looked at, [the] estimated number of Aadhaar numbers leaked through these four portals could be around 130-135 million"
Tuesday, May 2, 2017
Fraudsters draining accounts with ‘SIM swaps’ – what to do
From Sophos Naked Security:
Fraudsters draining accounts with ‘SIM swaps’ – what to do
"Have you ever lost your mobile phone?
If so, you already know that your mobile provider will happily sell you a new phone and give you a brand new SIM card to activate the handset.
Lo and behold, when you fire up the new phone, it has your old number, so you don’t need to give all your friends and colleagues a new one."
Fraudsters draining accounts with ‘SIM swaps’ – what to do
"Have you ever lost your mobile phone?
If so, you already know that your mobile provider will happily sell you a new phone and give you a brand new SIM card to activate the handset.
Lo and behold, when you fire up the new phone, it has your old number, so you don’t need to give all your friends and colleagues a new one."
Monday, May 1, 2017
FTC Offers ID Theft Victims Online Crime Reporting Tool
From Dark Reading:
FTC Offers ID Theft Victims Online Crime Reporting Tool
"ID theft victims can report their cybercrime attack to the Federal Trade Commission, without having to file a police report in most cases.
ID theft victims now have an alternative to filing a police report, a self-service online reporting tool from the Federal Trade Commission (FTC)."
FTC Offers ID Theft Victims Online Crime Reporting Tool
"ID theft victims can report their cybercrime attack to the Federal Trade Commission, without having to file a police report in most cases.
ID theft victims now have an alternative to filing a police report, a self-service online reporting tool from the Federal Trade Commission (FTC)."
Friday, April 28, 2017
US-CERT Alert: FTC Releases Announcement on Identity Theft
From US-CERT:
FTC Releases Announcement on Identity Theft
"The Federal Trade Commission (FTC) recommends that consumers who are affected by identity theft file a report at IdentityTheft.gov—a one-stop resource to help you report and recover from identity theft. Information provided there includes checklists, sample letters, and links to other resources."
FTC Releases Announcement on Identity Theft
"The Federal Trade Commission (FTC) recommends that consumers who are affected by identity theft file a report at IdentityTheft.gov—a one-stop resource to help you report and recover from identity theft. Information provided there includes checklists, sample letters, and links to other resources."
Thursday, April 27, 2017
IRS and Immigration Officials Impersonated in Call Center Scam
From Dark Reading:
IRS and Immigration Officials Impersonated in Call Center Scam
"A call center in India was used to scare US residents with threats of imprisonment and deportation in a ruse that impersonated US officials.
With stolen data and a call center based in India, a group of thieves impersonated Internal Revenue Service and US Citizenship and Immigration Services officials to scare money out of US residents."
IRS and Immigration Officials Impersonated in Call Center Scam
"A call center in India was used to scare US residents with threats of imprisonment and deportation in a ruse that impersonated US officials.
With stolen data and a call center based in India, a group of thieves impersonated Internal Revenue Service and US Citizenship and Immigration Services officials to scare money out of US residents."
How much are you giving away to fraudsters on Facebook?
From Sophos Naked Security:
How much are you giving away to fraudsters on Facebook?
"How much personal information are you giving fraudsters access to on Facebook? Are you giving them enough information to steal your identity?
Information Age reported recently that an online survey conducted by YouGov in the UK had found that almost 30% of adults with social media accounts “include their full name and date of birth on their profiles” – that’s two of the three key pieces of information a fraudster needs to steal your identity."
How much are you giving away to fraudsters on Facebook?
"How much personal information are you giving fraudsters access to on Facebook? Are you giving them enough information to steal your identity?
Information Age reported recently that an online survey conducted by YouGov in the UK had found that almost 30% of adults with social media accounts “include their full name and date of birth on their profiles” – that’s two of the three key pieces of information a fraudster needs to steal your identity."
Tuesday, April 25, 2017
Kelihos Botnet Author Indicted in U.S.
You. Will. Get. Caught. From SecurityWeek:
Kelihos Botnet Author Indicted in U.S.
"The alleged author of the Kelihos botnet has been charged in an eight-count indictment returned by a federal grand jury in Bridgeport, Connecticut, after being arrested in Spain earlier this month.
Peter Yuryevich Levashov, 36, a Russian national also known as Petr Levashov, Peter Severa, Petr Severa and Sergey Astakhov, was charged last week with one count of causing intentional damage to a protected computer, one count of conspiracy, one count of accessing protected computers in furtherance of fraud, one count of wire fraud, one count of threatening to damage a protected computer, two counts of fraud in connection with email, and one count of aggravated identity theft."
Kelihos Botnet Author Indicted in U.S.
"The alleged author of the Kelihos botnet has been charged in an eight-count indictment returned by a federal grand jury in Bridgeport, Connecticut, after being arrested in Spain earlier this month.
Peter Yuryevich Levashov, 36, a Russian national also known as Petr Levashov, Peter Severa, Petr Severa and Sergey Astakhov, was charged last week with one count of causing intentional damage to a protected computer, one count of conspiracy, one count of accessing protected computers in furtherance of fraud, one count of wire fraud, one count of threatening to damage a protected computer, two counts of fraud in connection with email, and one count of aggravated identity theft."
Thursday, July 16, 2015
Will ID Protection Offer Set New Standard?
From Data Breach Today:
Will ID Protection Offer Set New Standard?
Blue Cross Blue Shield plans' groundbreaking offer, in the wake of mega-breaches, of extended ID protection to all of the more than 106 million individuals covered by their insurance could set new expectations for breach response, some security experts predict.
In the aftermath of a breach, compromised companies often offer free credit monitoring and identity fraud protection services for a limited period of time, generally a year or two. That's why the July 14 announcement by the Blue Cross Blue Shield Association that each of its 36 affiliated Blues plans will begin offering free identity protection services to their members for as long as they're enrolled in the plans' insurance coverage is extraordinary.
Will ID Protection Offer Set New Standard?
Blue Cross Blue Shield plans' groundbreaking offer, in the wake of mega-breaches, of extended ID protection to all of the more than 106 million individuals covered by their insurance could set new expectations for breach response, some security experts predict.
In the aftermath of a breach, compromised companies often offer free credit monitoring and identity fraud protection services for a limited period of time, generally a year or two. That's why the July 14 announcement by the Blue Cross Blue Shield Association that each of its 36 affiliated Blues plans will begin offering free identity protection services to their members for as long as they're enrolled in the plans' insurance coverage is extraordinary.
ID thief who scooped data on 200 million Americans jailed for 13 years
From Sophos Naked Security:
ID thief who scooped data on 200 million Americans jailed for 13 years
A Vietnamese national whose websites put personal information on over 200 million US citizens up for sale has been sentenced to 13 years in prison.
Hieu Minh Ngo, 25, pleaded guilty in March 2014 to operating what is described as "a massive international hacking and identity theft scheme," after being arrested on entering the US in February 2013.
ID thief who scooped data on 200 million Americans jailed for 13 years
A Vietnamese national whose websites put personal information on over 200 million US citizens up for sale has been sentenced to 13 years in prison.
Hieu Minh Ngo, 25, pleaded guilty in March 2014 to operating what is described as "a massive international hacking and identity theft scheme," after being arrested on entering the US in February 2013.
Wednesday, July 1, 2015
Hundreds of .gov Found in Public Hacker Dumps
From Wired:
Hundreds of .gov Found in Public Hacker Dumps
It’s no surprise that careless government employees use their .gov email addresses to sign up for all sorts of personal accounts. But when those insecure third party services are breached by hackers—and if those employees were foolish enough to reuse their .gov passwords, too—that carelessness can offer a dead-simple backdoor into federal agencies, with none of the usual “sophisticated Chinese attackers” required.
Hundreds of .gov Found in Public Hacker Dumps
It’s no surprise that careless government employees use their .gov email addresses to sign up for all sorts of personal accounts. But when those insecure third party services are breached by hackers—and if those employees were foolish enough to reuse their .gov passwords, too—that carelessness can offer a dead-simple backdoor into federal agencies, with none of the usual “sophisticated Chinese attackers” required.
FTC Alert: 1.5 minutes can save you…a heap of trouble!
From the Federal Trade Commission:
1.5 minutes can save you…a heap of trouble!
We’ve all heard the ads saying that 15 minutes can save you 15%. Some ads claim to save you more in even less time. Well, the FTC can save you lots of headaches in about a minute and a half. We recently released new short videos explaining the basics about three topics that affect millions of us:
1.5 minutes can save you…a heap of trouble!
We’ve all heard the ads saying that 15 minutes can save you 15%. Some ads claim to save you more in even less time. Well, the FTC can save you lots of headaches in about a minute and a half. We recently released new short videos explaining the basics about three topics that affect millions of us:
Friday, June 5, 2015
How Apple Pay Can Be Hacked to Steal Your Credit Card Details
From The Hacker News:
How Apple Pay Can Be Hacked to Steal Your Credit Card Details
Today anywhere you go, you will come across Free or Public WiFi hotspots -- it makes our travel easier when we stuck without a data connection.
How Apple Pay Can Be Hacked to Steal Your Credit Card Details
Today anywhere you go, you will come across Free or Public WiFi hotspots -- it makes our travel easier when we stuck without a data connection.
Wednesday, June 3, 2015
Ex-NBA All Star Chris Gatling accused of being ID theft kingpin
From Sophos Naked Security:
Ex-NBA All Star Chris Gatling accused of being ID theft kingpin
Former NBA All-Star Chris Gatling was arrested in Scottsdale, Arizona on Saturday and charged with being the kingpin in a credit card and identity theft scam.
TMZ reports that one of the former basketball athlete's alleged victims was a woman he met on a dating site.
Ex-NBA All Star Chris Gatling accused of being ID theft kingpin
Former NBA All-Star Chris Gatling was arrested in Scottsdale, Arizona on Saturday and charged with being the kingpin in a credit card and identity theft scam.
TMZ reports that one of the former basketball athlete's alleged victims was a woman he met on a dating site.
Thursday, May 28, 2015
IRS believes cyberattack originated in Russia, sources say
From Fox News:
IRS believes cyberattack originated in Russia, sources say
The IRS believes that criminals behind a major security breach that allowed them to access tax information from more than 100,000 U.S. households were based in Russia, sources confirmed to Fox News Wednesday.
A well-placed cyberintelligence source familiar with the investigation into the breach told Fox News that the attack, which breached the IRS system, originated out of Russia. Additionally, the IRS alerted the Department of Homeland Security following the breach, a federal law enforcement official said.
IRS believes cyberattack originated in Russia, sources say
The IRS believes that criminals behind a major security breach that allowed them to access tax information from more than 100,000 U.S. households were based in Russia, sources confirmed to Fox News Wednesday.
A well-placed cyberintelligence source familiar with the investigation into the breach told Fox News that the attack, which breached the IRS system, originated out of Russia. Additionally, the IRS alerted the Department of Homeland Security following the breach, a federal law enforcement official said.
Saturday, May 16, 2015
Three women indicted for allegedly stealing identities from people's passports
I linked to a story about this earlier in the week but it bears repeating.
From Sophos Naked Security:
Three women indicted for allegedly stealing identities from people's passports
Three women from Houston, Texas, have been indicted for allegedly stealing personal information from passports and using it for identity theft.
From Sophos Naked Security:
Three women indicted for allegedly stealing identities from people's passports
Three women from Houston, Texas, have been indicted for allegedly stealing personal information from passports and using it for identity theft.
Wednesday, May 13, 2015
US Passport Agency contractor stole applicants’ data to steal their identities
From Help Net Security:
US Passport Agency contractor stole applicants’ data to steal their identities
Three women from Houston, Texas, stand accused of engaging in an identity theft scheme in which one of them, a contract employee of the Department of State Passport Agency, was in charge of stealing personally identifiable information of persons applying for a passport.
US Passport Agency contractor stole applicants’ data to steal their identities
Three women from Houston, Texas, stand accused of engaging in an identity theft scheme in which one of them, a contract employee of the Department of State Passport Agency, was in charge of stealing personally identifiable information of persons applying for a passport.
How Mother's Day Facebook celebrations can lead to identity theft
Wish I would've caught this when it was first published. Better late than never.
From Sophos Naked Security:
How Mother's Day Facebook celebrations can lead to identity theft
A couple of weeks ago I explained why you shouldn't reveal your Royal Wedding guest name. Now I have to warn you that celebrating Mother's Day can lead to you giving away too much personal information about your children.
From Sophos Naked Security:
How Mother's Day Facebook celebrations can lead to identity theft
A couple of weeks ago I explained why you shouldn't reveal your Royal Wedding guest name. Now I have to warn you that celebrating Mother's Day can lead to you giving away too much personal information about your children.
Subscribe to:
Posts (Atom)