One Mainframe to Rule Them All is a 50 minute documentary produced by Greg Nickolettos. The film starts with a monologue from Nazi Nexus author Edwin Black on WWII datalust and IBM. It then swiftly moves to current events surrounding injectible identity from Verichip, a corporation marketing an implanted RFID chip for seemingly pragmatic health care solutions.
Cybercriminals Take Advantage of the Holiday Season, Aiming to Steal Consumers’ Money, Identities and Financial Information
As cybercriminals begin to take advantage of the holiday season, McAfee, Inc. revealed the “Twelve Scams of Christmas” – the twelve most dangerous online scams that computer users should be cautious of this holiday season. According to Consumer Reports’ 2009 State of the Net Survey, cybercriminals have bilked $8 billion from consumers in the past two years, and McAfee warns consumers not to fall victim to the top scams this year.
Being that I’m on McAfee’s Consumer Advisory Board, I’m advising you to adhere to the following:
Previous first 3 of Twelve Scams of Christmas here. McAfee’s 3 more of Twelve Scams of Christmas below.
Scam IV: The Dangers of Holiday E-Cards
Cyber thieves cash in on consumers who send holiday e-cards in an effort to be environmentally conscious. Last holiday season, McAfee Labs discovered a worm masked as Hallmark e-cards and McDonald’s and Coca-Cola holiday promotions. Holiday-themed PowerPoint e-mail attachments are also popular among cybercriminals. Be careful what you click on.
Scam V: “Luxury” Holiday Jewelry Comes at a High Price
McAfee Labs recently uncovered a new holiday campaign that leads shoppers to malware-ridden sites offering “discounted” luxury gifts from Cartier, Gucci, and Tag Heuer. Cybercriminals even use fraudulent logos of the Better Business Bureau to trick shoppers into buying products they never receive.
Scam VI: Practice Safe Holiday Shopping – Online Identity Theft on the Rise
Forrester Research Inc. predicts online holiday sales will increase this year, as more bargain hunters turn to the Web for deals. While users shop and surf on open hotspots, hackers can spy on their activity in an attempt to steal their personal information. McAfee tells users never to shop online from a public computer or on an open Wi-Fi network.
Stay tuned to parts III & IV.
Get a credit freeze. Go online now and search “credit freeze” or “security freeze” and go to consumersunion.org and follow the steps for the state you live in. This is an absolutely necessary tool to secure your credit. In most cases it prevents new accounts from being opened in your name. This makes the SSN useless to the thief.
Invest in Intelius Identity Theft Protection and Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
Robert Siciliano, identity theft speaker, discusses Black Friday and Cyber Monday on FOX BostonCybercriminals Take Advantage of the Holiday Season, Aiming to Steal Consumers’... more
Cybercriminals Take Advantage of the Holiday Season, Aiming to Steal Consumers’ Money, Identities and Financial Information
As cybercriminals begin to take advantage of the holiday season, McAfee, Inc. revealed the “Twelve Scams of Christmas” – the twelve most dangerous online scams that computer users should be cautious of this holiday season. According to Consumer Reports’ 2009 State of the Net Survey, cybercriminals have bilked $8 billion from consumers in the past two years, and McAfee warns consumers not to fall victim to the top scams this year.
“Cybercriminals’ use their best schemes during the holidays to steal people’s money, credit card information, social security number and identity,” said Jeff Green, senior vice president of McAfee Labs. “These thieves follow seasonal trends and create holiday-related Web sites, scams and other convincing e-mails that can trick even the most cautious users.”
Being that I’m on McAfee’s Consumer Advisory Board, I’m advising you to adhere to the following:
McAfee’s 3 of Twelve Scams of Christmas
Scam I: Charity Phishing Scams – Be Careful Who You Give To
During the holiday season, hackers take advantage of citizens’ generosity by sending e-mails that appear to be from legitimate charitable organizations. In reality, they are fake Web sites designed to steal donations, credit card information and the identities of donors.
Scam II: Fake Invoices from Delivery Services to Steal Your Money
During the holidays, cybercriminals often send fake invoices and delivery notifications appearing to be from Federal Express, UPS or the U.S. Customs Service. They e-mail consumers asking for credit card details to credit back the account, or require users to open an online invoice or customs form to receive the package. Once completed, the person’s information is stolen or malware is automatically installed on their computer.
Scam III: Social Networking – A Cybercriminal “Wants to be Your Friend”
Cybercriminals take advantage of this social time of the year by sending authentic-looking “New Friend Request” e-mails from social networking sites. Internet users should beware that clicking on links in these e-mails can automatically install malware on computers and steal personal information.
Stay tuned to parts II, III & IV.
Get a credit freeze. Go online now and search “credit freeze” or “security freeze” and go to consumersunion.org and follow the steps for the state you live in. This is an absolutely necessary tool to secure your credit. In most cases it prevents new accounts from being opened in your name. This makes the SSN useless to the thief.
Invest in Intelius Identity Theft Protection and Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
Robert Siciliano, identity theft speaker, discusses Christmas Holiday Scams on Mike and Juliet.Cybercriminals Take Advantage of the Holiday Season, Aiming to Steal Consumers’... more
Swatting is making prank calls to emergency services. In the field of information security, swatting is an attempt to trick an emergency service (such as a 911 operator) to dispatch an emergency response team, generally a SWAT team. SWAT is (Special Weapons and Tactics).
Caller ID spoofing technologies are used to send law officers on bogus calls along with, social engineering, and phone phreaking techniques combined. 911 systems (including telephony and human operators) have been tricked by calls placed from cities hundreds of miles away.
Caller ID spoofing is the practice of causing the telephone network to display a number on the recipient’s caller ID display which is not that of the actual originating caller. Similar to e-mail spoofing which can make it appear that a message came from any e-mail address the sender chooses, caller ID spoofing can make a call appear to have come from any phone number. Most people trust caller ID and are unaware of caller ID spoofing. This is obviously a flawed system ripe for fraud.
MSNBC reports Doug Bates and his wife, Stacey, were in bed around 10 p.m., their 2-year-old daughters asleep in a nearby room. Suddenly they were shaken awake by the wail of police sirens and the rumble of a helicopter above their suburban Southern California home. A criminal must be on the loose, they thought.
Doug Bates got up to lock the doors and grabbed a knife. A beam from a flashlight hit him. He peeked into the backyard. A swarm of police, assault rifles drawn, ordered him out of the house. Bates emerged, frightened and with the knife in his hand, as his wife frantically dialed 911. They were handcuffed and ordered to the ground while officers stormed the house.
They were victims of swatting that exploits a weakness in the way the 911 system handles calls from Internet-based phone services.
Dallas News reports a group of people met on telephone chat lines who harassed people through swatting. They would pick a target and their caller ID information to make it appear they were calling from that person’s house.
They would phone that person’s local police and pretend they were about to go on a killing spree, triggering a SWAT or patrol officer response. The group pulled this scam across the country.
There were some reports of injuries by police storming houses of innocent, unsuspecting people whom police thought were holding hostages at gunpoint.
This is difficult to prevent. Unlisting your home phone number can help. Not having a home phone number and being mobile based is even better. In the off chance you are ever selected to be swatted, the best response is to “show your hands”. Law enforcements concern is a weapon.
While completely unrelated, protect your identity too.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.
Invest in Intelius identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk. “Disclosures”Swatting is making prank calls to emergency services. In the field of information... more
One hacked email address led to the defacement of Comcasts homepage. When the hackers called Comcasts technical contact to let him know all 200 Comcast domain names and Comcast homepage were vulnerable, he hung up on them.
It has not been disclosed how the email was compromised, but there are many ways it could be. Wired/CNN reports as described in the indictment, the hackers got control of the domain with two phone calls, and an e-mail was sent to the company’s domain registrar, Network Solutions, from a hacked Comcast e-mail account.
That gave them entry to the Network Solutions control panel for Comcast’s 200 domains, according to the indictment.
The hackers ages 19 and 20 at the time known as Defiant and EBK from a group calling themselves Kryogeniks scrawled “KRYOGENIKS EBK and DEFIANT RoXed COMCAST sHouTz To VIRUS Warlock elul21 coll1er seven.” Across Comcasts homepage after they were rebuffed by Comcasts tech admin. Where they screwed up during their stunt was when they changed the contact information for the Comcast.net domain to Defiant’s e-mail address. Brilliant hackers yet not so smart.
One way of compromising email accounts is via simply going to the “forgot password” section of your email provider’s website and respond to a preselected personal question that you answered when signing up for the account. With a little research, the hacker has a good shot at finding the correct answer. Some of the current questions could be answered using information found on a user’s social networking profile, or through a website like Ancestry.com or Genealogy.com
I suggest that you check out the “forgot password” section on your own web-based email account, to see your current personal question. If it’s easy to answer, or would only require a little research to solve, update the question with one that you create based on opinion, as opposed to fact.
You should also beef up your password. Combine uppercase and lowercase letters, as well as numbers. Don’t use consecutive numbers, and never use names of pets, family members, or close friends.
1. Get a credit freeze. Go online now and search “credit freeze” or “security freeze” and go to consumersunion.org and follow the steps for the state you live in. This is an absolutely necessary tool to secure your credit. In most cases it prevents new accounts from being opened in your name. This makes the SSN useless to the thief.
2. Invest in Intelius Identity Theft Protection and Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU.
Robert Siciliano, identity theft speaker, discusses hacked email on FOX & Friends.One hacked email address led to the defacement of Comcasts homepage. When the hackers... more
Mules are relatively unaware people who get hooked into a “small business” or employment that is a function of a criminal enterprise. The mules often respond to “help wanted” ads from online job placement sites. Shipping scams are a common tactic criminals use in which they employ mules to receive goods bought with stolen credit card numbers, who then ship to people who buy them in online auctions. The mules in this process are essentially facilitating selling hot goods and money laundering.
An RSA study revealed laptops, iPods, iPhones, Nokia smartphones, digital cameras, Sony PlayStation 3 devices, and DJ equipment were among the items shipped to addresses in Russia and Belarus. RSA estimates that more than $36,000 worth of merchandise was cashed out every month before one scam ended earlier this year.
These scams generally have a virtual store front posing as a shipping company, giving the ruse a legitimate appearance. The efficiency of money mule operations has increased due to the amount of money being generated from data breaches and scams.
There have been dozens of significant data breaches over the past few years, in which millions of credit card numbers have been compromised. Once the data is in the hands of a criminal, they scheme to turn it into cash.
Credit card numbers are often bought and sold by “carders” who sell thousands of cards numbers for pennies each. In many cases when a PIN is present the criminal hacker will use the card number as a debit card at any ATM.
But when turning the data into cash isn’t so easy, they will burn the data to a white card and make in store purchases using mules. That can sometimes be a slow and riskier process. Recently, fake shipping scams have proven to be a profitable model that involves leveraging hundreds of naive people.
The mules are often baited into setting up bank accounts that the criminal controls. These bank accounts will be set up under the name of the mule to avoid detection and generally programmed to transfer money overseas in increments of less than $10,000 to avoid detection.
Most mules end up pulling money out of their pockets to front shipping costs with the promise of a big payoff. In the end the mule is often bilked and ends up with an empty bank account.
These scams hurt a lot of people. The banks and retailers lose because money and goods go out the door. The mules often end up losing thousands. And worse, many organized criminals are associated with terrorists groups who use the money to fund violence.
If the credit card companies and banks would adopt widely available technologies that make the data useless to the thief in the form of effective authentication of the user, then none of this would be happening. But until industry changes what I think is “its evil and selfish ways” then they will keep tossing fuel on the fire.
Generally my readers don’t need to be told the following, but maybe someone you know is naive enough to fall for one of these ruses. So keep in mind, if you are looking for a job online and see “shipping manager” or “buy and sell products on eBay with no inventory or money” or anything involving virtual transactions that involves shipping any thing overseas, then chances are it’s a scam. Also, never be suckered into opening a bank account that you don’t control. That’s just plain dumb.
And, protect your identity.
Invest in Intelius Identity Theft Protection. While not all forms of identity theft can be prevented, you can effectively manage your personal identifying information by knowing what’s buzzing out there in regards to YOU. “Disclosures”
Robert Siciliano Identity Theft Speaker discussing money mules on Fox NewsMules are relatively unaware people who get hooked into a “small business” or... more
Years ago (like 20) a friend was graduating from college and moving away and a bunch of friends were throwing a party for this person. Collectively they asked me if I’d write a small speech as a version of “This is your life”. Stymied as to why they would ask me to do it I asked ”Why me?” My girlfriend at the time said, and I quote “Because you gut good words”. Serious. And my writing and speaking began. Inspiration comes in many forms.
People who generally have to much time on their hands read my posts. Or they simply enjoy my train wreck world view. Anyway there are some fantastic resources that I draw from that help me to break down the complicated issues revolving around how to keep the bad guy from draining your bank account. The following make me look good. (not to insult the following)
READ/CONSUME/RSS:
Finextra Blogs. A vibrant community of finance, IT and security professionals from almost every corner of the planet. A melting pot of diversity that provides a world view on numerous issues. Just don’t piss off Paul.
The Register. A UK based digital diary of all things tech. John Leyden and Dan Gooden are Register rockstars.
Dark Reading. Isn’t as dark as it sounds. They hit on every possible security issue and are well researched. Kelly Jackson Higgins (is tireless) and John Sawyer & Graham Cluley provide great information. Tim Wilson is a must must must read.
COMPUTERWORLD Provides the most detailed exhaustive data of any source. Articles are deep and informative and keep you tuned to industry players too. Jaikumar Vijayan and Robert McMillan wear me out.
Wired.com Has anything and everything wires or wireless. Kim Zetter, David Kravets seem to have the inside scoop on everything. Kevin Poulsen Sr Editor used to run from the law with Kevin Mitnick and now bitch slaps anyone who says stupid stuff.
StorefrontBackTalk.com. Run by Evan Schuman is a smart e-commerce/retail/PCI publication
DataLossDB is run by the Open Security Foundation, an ornery bunch that keeps tabs on insecurity. Provides accurate statistics to CSO’s and CTO’s to assist them in decision making. They and their merry band of volunteers are watching you.
USAToday Michelle Kessler is all technology and Byron Acohido and Jon Swartz are very respected journalists who come up with the best insider stories on the planet, and have never ever called me.
The Washington Post Security Fix by Brian Krebs. Nobody has more crack heads, meth addicts and criminal hackers begging to tell their stories to a well known journalist. At least that’s my impression. You can’t not learn from this guy.
Information-Security-Resources.com a new addition to my feeds is edited by Anthony M. Freed and has contributions by Richard Stiennon and Danny Lieberman who often draw colorful commentary.
Nextadvisor.com/blog/ a consumer based easily digestible take on whats new and current in consumer security issues and product comparison. Kent and Caitlin keep tabs on all things “need to know”.
IAPP Daily Dashboard Mike Spinney, Senior Privacy Analyst , CIPP is a senior privacy analyst with the Ponemon Institute. Dude just rocks.
CNET Elinor Mills does the best job of breaking down complex issues into bite size chunks.
Increasing your information security vocabulary helps keep you and your business secure, like eating good food and exercising helps keep you healthy. So get smart. Up your IT/infosec intelligence. Read these sources and follow these journalists. They all gut good words.
* And do yourself a favor: Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name.
* And invest in Intelius identity theft protection. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk. “DisclosRobert Siciliano Identity Theft Expert
Years ago (like 20) a friend was graduating... more
Earlier this week, an IT employee was indicted for stealing the identities of 150 of his coworkers at Bank of New York Mellon, to the tune of 1.1 million bucks. He bilked almost $140,000 a year over an eight year period by compromising the online bank accounts of numerous employees and wiring money to fraudulent accounts outside the bank.
This is a classic case of the fox watching the hen house. This guy was an insider terrorist, looking his colleagues straight in the eye and lying to them. I rank him with pedophiles and serial killers.
As much as 70% of all identity theft is committed by someone with inside access to organizations such as corporations, banks, or government agencies, or by someone who has an existing relationship with the victim. People with access to sensitive personal data are most likely to commit identity theft. For many, it’s just too easy not to.
An identity thief begins by acquiring a target’s personal identifying information: name, Social Security number, birth date and address, account information etc. If the thief has regular access to a database, this data is right there for the taking. Many credit applications and online accounts request current and previous addresses. So the thief fills out the victim’s current address as “previous” and plugs in a new address, usually a P.O. box or the thief’s own address, where the new credit card or statement will be sent. I’m amazed that a lender or credit card company can be careless enough to send a new credit card to a relatively anonymous P.O. box. The lender just checks the victim’s credit and, since everything matches, no red flags pop up. The card is issued, the account is opened and the fun begins.
In the Bank of New York Mellon case, investigators found dozens of bank and credit statements in the names of the victims at the thief’s home address.
Think for a moment about your house or apartment, and how you might break in if you lost your keys. If a burglar knew what you know about where you hide and store your stuff, how much damage could he do? Insiders pose the same problem. They know the ins and outs of all systems in place, and can wreak havoc on your operation as long as they are employed, and sometimes even after they are let go.
The problems begin when we are forced to trust people with complete access in order to allow them to perform their required duties. Ultimately, this is a people problem and needs to be addressed as such.
It is human nature to trust each other. We are raised to be civil towards one another and to respect those in authoritative positions. It takes a significant amount of trust in your fellow human beings to drive down the street while cars are heading toward you, separated only by a thin painted line. Without trust, we couldn’t get out of bed in the morning.
To protect your business and your data, limit sources as much as possible. Minimize the personnel with access to essential systems. Supervise the supervisors. Even your good apples can eventually go bad, so limit access, even for those who are in a trusted position. And require checks and balances, with multiple layers of authorization. If one person is always watching over another person’s shoulder, bad apples can’t hide or execute scams. Perform due diligence. In the information age, our lives are an open book. Background checks from information brokers are crucial. Failing to do background checks increases your liability. Someone who has been previously convicted of a crime just might do it again. And if a breach of trust does occur, prosecute the guilty. Make an example that other’s won’t forget. Public hangings are a strong deterrent.
Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name.
And invest in Intelius identity theft protection. Not all forms of identity theft protection can beEarlier this week, an IT employee was indicted for stealing the identities of 150 of... more
For the past year, I’ve been screaming about the trouble with social media as it relates to identity theft, brand hijacking, privacy issues, and the opportunity social media creates for criminals to “friend” their potential victims in order to create a false sense of trust and use that against their victims in phishing or other scams. I predicted long ago that the problem will get a lot worse before it gets better and there’s no question about it, criminal hackers have taken hold and are in full force.
We hear about a new Twitter phishing scam almost daily, whether it’s via direct messaging or a shortened URL. My spam folder is filled with emails from Facebook phishers, requesting new login credentials, or a “friend” who’s sending me a video that’s actually a virus.
Not too long ago, it was big news when someone had their Facebook account jacked by someone who impersonated the victim, claiming to have lost their wallet in the UK and begging for a money wire. Lately, I see another story about another victim every week.
Last time I checked, Facebook had more than 400 million users and Twitter has more than 50 million. These numbers jump exponentially every month, and old and new users are still being victimized.
James Carnall, manager of the cyberintelligence division at security monitoring firm Cyveillance, says, “Social media cybersquatting is where domain name cybersquatting was ten years ago”.
Scammers aren’t just stealing identities and spreading malware. They are brand jacking in ways that are hurting companies’ bottom lines. While many may not have sympathy for the bottoms lines of billion dollar corporations, this hurts the little guy, too. Knock off software, hardware, merchandise, and movies ultimately cost legitimate taxpayers jobs and hurt the economy when the money is heading to criminal hackers elsewhere in the world. Liz Miller, vice president of the Chief Marketing Officer Council, says, “Counterfeiting operations are highly organized, are very global and are picking up steam because of the economy.”
MarkMonitor, a company that tracks online threats for its clients, determined that phishing attacks on social networking sites increased by 164% over the past year. And in a CMO Council survey of 4,500 senior marketing executives, nearly 20% of the respondents said they had been affected by online scams and phishing schemes that had hijacked brand names. These statistics undeniably point to organized crime syndicates.
Protect yourself from social media identity theft.
1. Register your full name and those of your spouse and kids on the most trafficked social media sites, blogs, domains or web based email accounts. If your name is already gone, include your middle initial, a period or a hyphen. It’s up to you to decide whether or not to plug in your picture and basic bio, but consider leaving out your age or birthday. You can do this manually or by using a very cost effective service called Knowem.com.
2. Register all your officers, company names and branded products on every social media site you can find to prevent Twitter squatting and cybersquatting.
3. Get free alerts. Set up Google alerts for your name and get an email every time your name pops up online. Set up a free StepRep account for your name. StepRep is an online reputation manager that does a better job than Google does of fetching your name on the web.
4. Implement policies. Social media is a great platform for connecting with existing and potential clients. However, without some type of policy in place that regulates employee access and guidelines for appropriate behavior, social media may eventually be completely banned from every corporate network. Teach effective use by provide training on proper use and especially what not do to.
5. Encourage URL decoding. Before clicking on shortened URLs, find out where they lead by pasting them into a URL lengthening service like TinyURL Decoder or Untiny.
6. Limit social networks. In my own research, I’ve found 300-400 operable social networks serving numerous uses from music to movies, from friending to fornicating. Some are more or less appropriate and others even less secure. Knowem has a mind blowing list of 4600 as of this writing.
7. Train IT personnel. Effective policies begin from the top down. Those responsible for managing technology need to be fully up to speed.
8. Maintain updated security. Whether hardware or software, anti-virus or critical security patches, make sure you are up to date.
9. Lock down settings. Most social networks have privacy settings that need to be administered to the highest level. Default settings generally leave the networks wide open for attack.
10. Invest in Intelius identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk. “Disclosures”
Robert Siciliano Identity Theft Speaker with ID Analytics discussing Social Media Identity Theft on Fox BostonFor the past year, I’ve been screaming about the trouble with social media as it... more
• I don’t use the Internet, so my personal information is not exposed online. Your personal information is in more places than you think, whether it’s your medical records, a job application, or a school emergency contact form• I don’t use the Internet, so my personal information is not exposed online. Your... more
The National Foundation for Credit Counselors, which sponsors Protect Your Identity Week, has compiled a number of identity theft myths. To support their efforts, the Santa Fe Group Vendor Council Awareness and Education Subcommittee has helped to clarify some common misinformationThe National Foundation for Credit Counselors, which sponsors Protect Your Identity... more
Imagine if someone used your name and image, or the name and logo of a business you own, to create a profile on Facebook, Twitter, or any other social networking websiteImagine if someone used your name and image, or the name and logo of a business you... more
I make a portion of my living talking about identity theft. Admittedly, I profit from the crime. I don’t steal identities of course, but I get paid because others steal. I’m not FBI, CIA, Secret Service or a cop.I make a portion of my living talking about identity theft. Admittedly, I profit from... more
An 18-year Counterintelligence and Counterterrorism Manager for the FBI has called for a Special Counsel to be appointed to investigate the allegations of FBI translator-turned-whistleblower Sibel Edmonds. John M. Cole, who now works as an intelligence contractor for the Air Force, made his comments during an audio interview released late last week with radio journalist Peter B. Collins.
He also offered a detailed insider's look at the concerns among high-level officials inside the Bureau as Edmonds' disturbing allegations began coming to light back in 2002, before they would be quashed for seven long years by the Bush Administration's unprecedented use of the so-called "State Secrets Privilege" to gag her.
Earlier last week, following the publication of a remarkable American Conservative magazine cover story interview with Edmonds --- detailing a broad bribery, blackmail, and espionage conspiracy said to have been carried out between current and former members of the U.S. Congress, high-ranking State and Defense Department officials and covert operatives from Turkey and Israel, resulting in the theft and sale of nuclear weapons technology on the foreign black market --- Cole had been quoted by the magazine confirming one of Edmonds' key allegations.
"I am fully aware of the FBI's decade-long investigation of" Marc Grossman, he said in response to the AmCon article/interview. Grossman had served as the third-highest ranking official in the Bush State Department and was alleged by Edmonds in the interview, and in a sworn, video-taped deposition a month earlier, to have been the U.S. ringleader for a massive Turkish espionage scandal reaching through the halls of power and into top-secret nuclear facilities around the country to the benefit of allies and enemies alike. Cole said that the FBI's counterintelligence probe "ultimately was buried and covered up," and that he believes it is "long past time" for an investigation of the case to "bring about accountability."
In his subsequent interview with Collins last week (audio and text excerpts posted below) Cole elaborated on those comments in much greater detail, noting that Edmonds has been "one hundred percent right on the money, on the mark" and confirming the existence of an "ongoing and detailed effort by Turkey to develop influence in the United States" through various illegal activities.
"Yes, I can confirm that," Cole told Collins, "That's true."
The FBI veteran executive also offered an insider's account of the panic that ensued inside the highest echelons of the bureau following Edmonds' first disclosure of information in 2002, recounting how an executive assistant director admitted to him at the time, just after the story first broke, "Well, all I know is that everything that Sibel is stating is true. I read her file. Everything she stated is, in fact, accurate."
Cole further describes how the concerns about Edmonds ultimately led to the Bush Administration's two-time use of the Draconian "State Secrets Privilege" in hopes of keeping her extraordinary information from becoming public. "Everybody at headquarters level at the bureau knew that what she was saying was extremely accurate."
"I know they didn't want her to go out and speak about it at all," Cole revealed, "and I know they were trying to figure out ways of keeping this whole thing quiet, because they didn't want Sibel to come out."
He also offered information which directly counters one of the criticisms of Edmonds' allegations as frequently offered by skeptics. Namely, that as a short time FBI contract translator --- even though she was tasked to review some seven years of counterintelligence wiretaps made from 1996 to 2002 --- she couldn't have had enough understanding of the full scope of the investigations to understand what was really going on.
More...An 18-year Counterintelligence and Counterterrorism Manager for the FBI has called for... more
Recent reports abound of consumers email account being phished and American and Egyptian authorities arresting dozens of people in an online fraud crackdown for phishing scams. Its time to revisit the fundamentals of how to prevent phishing. Nobody can do this better than the Anti Phishing Work Group
Phishing Defined
Phishing is a criminal mechanism employing both social engineering and technical subterfuge to steal consumers’ personal identity data and financial account credentials. Social‐engineering schemes use spoofed e‐mails purporting to be from legitimate businesses and agencies to lead consumers to counterfeit websites designed to trick recipients into divulging financial data such as usernames and passwords. Technical‐subterfuge schemes plant crimeware onto PCs to steal credentials directly, often using systems to intercept consumers online account user names and passwords ‐ and to corrupt local navigational infrastructures to misdirect consumers to counterfeit websites (or authentic websites through phisher‐controlled proxies used to monitor and intercept consumers’ keystrokes).
How to Avoid Phishing Scams
The number and sophistication of phishing scams sent out to consumers is continuing to increase dramatically. While online banking and e-commerce is very safe, as a general rule you should be careful about giving out your personal financial information over the Internet. The Anti-Phishing Working Group has compiled a list of recommendations below that you can use to avoid becoming a victim of these scams.
* Be suspicious of any email with urgent requests for personal financial information
o unless the email is digitally signed, you can’t be sure it wasn’t forged or ’spoofed’
o phishers typically include upsetting or exciting (but false) statements in their emails to get people to react immediately
o they typically ask for information such as usernames, passwords, credit card numbers, social security numbers, date of birth, etc.
o phisher emails are typically NOT personalized, but they can be. Valid messages from your bank or e-commerce company generally are personalized, but always call to check if you are unsure
* Don’t use the links in an email, instant message, or chat to get to any web page if you suspect the message might not be authentic or you don’t know the sender or user’s handle
o instead, call the company on the telephone, or log onto the website directly by typing in the Web adress in your browser
* Avoid filling out forms in email messages that ask for personal financial information
o you should only communicate information such as credit card numbers or account information via a secure website or the telephone
* Always ensure that you’re using a secure website when submitting credit card or other sensitive information via your Web browser
o Phishers are now able to ’spoof,’ or forge BOTH the “https://” that you normally see when you’re on a secure Web server AND a legitimate-looking address. You may even see both in the link of a scam email. Again, make it a habit to enter the address of any banking, shopping, auction, or financial transaction website yourself and not depend on displayed links.
o Phishers may also forge the yellow lock you would normally see near the bottom of your screen on a secure site. The lock has usually been considered as another indicator that you are on a ’safe’ site. The lock, when double-clicked, displays the security certificate for the site. If you get any warnings displayed that the address of the site you have displayed does NOT match the certificate, do not continue.
* Remember not all scam sites will try to show the “https://” and/or the security lock. Get in the habit of looking at the address line, too. Were you directed to PayPal? Does the address line display something different like “http://www.gotyouscammed.com/paypal/Robert Siciliano Identity Theft Expert
Recent reports abound of consumers email... more
US and Egyptian officials have charged 100 people with orchestrating a phishing scam that robbed a$1.5m from Bank of America and Wells Fargo customers.US and Egyptian officials have charged 100 people with orchestrating a phishing scam... more
Hotmail, Earthlink, Google, Yahoo, Comcast and other web-based email users have been giving up al their login details to phishers and current estimates are as many as 1 million accounts may have been compromisedHotmail, Earthlink, Google, Yahoo, Comcast and other web-based email users have been... more
Some are reading this and wondering why this is even an issue. Saying if you use one browser and have one password manager then it’s a no brainier. But I don’t use one browserSome are reading this and wondering why this is even an issue. Saying if you use one... more
Whether you realize it or not one of the biggest threats to your personal security is your computer. And the Obama administration is bringing to light the fact that they believe, and you should too, that one of the biggest security threats to national security is also your computer.Whether you realize it or not one of the biggest threats to your personal security is... more
Computerworld reports the House Energy and Commerce Committee passed the Informed P2P User Act, a law that supposedly makes it safer to use peer-to-peer, or P2P, file-sharing softwareComputerworld reports the House Energy and Commerce Committee passed the Informed P2P... more
