tagged w/ stealing data
-
The seeming inconsistency between the perception of being immune from data breach risks with the rapid growth in data breach incidents, led us to think about whether organizations can actually quantify their level of breach risk. We were somewhat surprised that there is not much available to organizations to help them in scoring their vulnerability.The seeming inconsistency between the perception of being immune from data breach... more
-
-
Here is a scam that is particularly difficult threat to spot. Note the use of a Hallmark email address, Hallmark Logo and the template that was probably lifted from an authentic e-card. What’s the dead give-away that this is scam? Note the fact that the link has an “.exe” which is an “execute” command that will probably run some kind of nasty malware.Here is a scam that is particularly difficult threat to spot. Note the use of a... more
-
-
One of the penalties of having a well published email address is that I receive dozens of phishing emails, scam letters, and other nefarious material en masse daily. Most of these are the typical inheritance, lottery, and sweepstakes scams - but then there are the ones that at first glance may seem legitimate. Take for instance the following email I received over the holiday weekend...One of the penalties of having a well published email address is that I receive dozens... more
-
-
It is possible that, if such policies exist and were created specifically for HIPAA compliance, your organization is viewing this policy noncompliance as being a HIPAA infraction because of the HIPAA requirements to have security/privacy policies and enforce them.It is possible that, if such policies exist and were created specifically for HIPAA... more
-
-
QSA’s (auditors) policing the PCI-DSS (credit card data security standards) need to adjust their mindset when auditing virtualized card processing infrastructure…QSA’s (auditors) policing the PCI-DSS (credit card data security standards) need... more
-
-
Safety online is a controversial issue, one that is debated to death with little results that the average person can use without an advanced IT qualification. Here are my four simple rules for improving internet safety:Safety online is a controversial issue, one that is debated to death with little... more
-
-
Currently, people rely on obscurity to keep their data safe. But with progressively more intelligent search engines available that can churn through vast amounts of data and make sense of it – even your email – security is something that needs to be addressed.Currently, people rely on obscurity to keep their data safe. But with progressively... more
-
-
In recent years, the number of reported data breaches at healthcare organizations has soared, despite laws requiring the groups to protect patient information. In May, a hacker stole more than 500,000 patient records from a state-run database that tracks drug prescriptions in Virginia — and then demanded a ransom to return the information.In recent years, the number of reported data breaches at healthcare organizations has... more
-
-
Any business, of any size, in any industry, in any location, is a possible target for PII theft and cybercrime if they possess any type of employee, customer or other consumer PII. Most businesses have PII. All businesses with PII need to make sure they provide due diligence to protect that PII.Any business, of any size, in any industry, in any location, is a possible target for... more
-
-
Spoiler alert: There isn’t an effective identity theft protection product. Typically, a company claiming to be an identity theft protection company will provide one or all of these services; access to credit reports, credit monitoring, and database monitoring. Unfortunately, these services cause security problems themselves.Spoiler alert: There isn’t an effective identity theft protection product.... more
-
-
Identity theft is “America’s fastest growing problem” according to a statement made by the Federal Bureau of Investigation. The Federal Trade Commission (FTC) estimates 10 million Americans are affected each year. Knowing how to protect yourself is vitally important to avoid becoming a victim. The following are arenas where thieves prey:Identity theft is “America’s fastest growing problem” according to a... more
-
-
We’ve just published the latest guide in our ‘Securing Social Media’ series. We advise companies to block the use of P2P on the corporate network where not related to business use, and implement security guidelines to limit future risk.We’ve just published the latest guide in our ‘Securing Social Media’... more
-
-
Your email is as firmly established as an identity as a credit report- it contains details of your finances, address history, and birthday just as a credit report would. Your address book may reveal your mother’s maiden name, and a compromise of the account could easily reveal your tax information or social security number. A compromise of this account could be devastating.Your email is as firmly established as an identity as a credit report- it contains... more
-
-
Security firms, like Network Box, operate sophisticated Intrusion Detection and Prevention systems that can block many exploits, (such as public web applications), but even these type of systems can only offer a limited amount of protection in the case of private, internal applications.Security firms, like Network Box, operate sophisticated Intrusion Detection and... more
-
-
We have seen a huge increase in job scams over the last few days targeting people making use of classified advertisement sites to look for employment. How do you separate the legitimate job offer from the scam? Here are some quick and easy checks you can do:We have seen a huge increase in job scams over the last few days targeting people... more
-
-
IT is widely seen as a strategic, not a tactical, function of the business. The job of the IT team is to set and implement an IT strategy to meet a business need, rather than developing the tactical technology to support the business need – which, more and more, is left to specialist experts. Nowhere have we seen this more than in security.IT is widely seen as a strategic, not a tactical, function of the business. The job of... more
-
-
People get so upset, understandably, when an organization loses a laptop with SSNs, or has one stolen. But now, upon hearing that crooks don’t even need to steal SSNs, but can just generate them from commonly known information and use them until the victims discover the crimes, it is puzzling why so many people don’t see this as something to be concerned with, and to demand changes for.People get so upset, understandably, when an organization loses a laptop with SSNs, or... more
-
-
Small and medium sized businesses (SMBs) are an attractive target for identity thieves. According to the Institute of Consumer Financial Education (ICFE), SMBs usually qualify for larger lines of credit, “enjoy extended payment terms and less transactional scrutiny for large purchases or high value ticket items than individual customers.”Small and medium sized businesses (SMBs) are an attractive target for identity... more
-
-
On July 29th, as I was following up on a story that flashed across my Twitter stream about 30 certified employees of a school district finding themselves victims of ID theft, I found something that should not have been there...On July 29th, as I was following up on a story that flashed across my Twitter stream... more
-
-
Thieves prey on our deepest and strongest emotions, and two people madly in love and about to take the plunge are certainly full of emotions and stress. Stress makes us more apt to decide quickly, without thinking the situation through. The sense of relief we feel may encourage us to accept an offer that seems “too good to be true” when we might otherwise hesitate.Thieves prey on our deepest and strongest emotions, and two people madly in love and... more
-
