Oct 20 2009

Identity Theft Tip off, Countermeasure and Consequence

Category: Identity TheftDISC @ 3:30 pm

Grand Theft Scratchy: Blood Island
Image by włodi via Flickr
Americans fear having their identities “stolen” by cybercriminals more than they do becoming victims of a terror attack, getting mugged or having their homes burglarized, according to a new survey released by Gallup, a polling firm.

Stopping Identity Theft: 10 Easy Steps to Security

Identity theft is a crime in which an attacker/hacker obtains your personal information, such as Social Security, credit cards numbers or driver’s license numbers etc. The attacker/thief can use your personal information to obtain credit, merchandise, and services in your name which will ruin your credit and may even create a criminal record.

An identity thief can be any stranger who steals your personnel information or may be someone posing as a bank representative (social engineering) to get your personal information over the internet.
The problem is you may not realize that you have been victimized by identity theft until you receive your statement. That’ why it is important to have some check in place which will tip off that you might have been victim of identity theft until it is too late. As the saying goes “trust but verify”.

10 million Americans fell victim to identity theft last year (08) alone. In a recent story from the Dayton Daily News, the Better Business Bureau’s John North noted that some criminals are using text messages when hunting for consumers’ credit information. The practice, which has been dubbed “smishing”, combines text messaging and the practice of “phishing

Identity Theft Tip Off:
Sacramento county detective Sean Smith told how to detect credit card fraud and potential identity theft by looking for a cheap transaction on your statement.
He said some thieves will charge $1 on a credit card to test whether the card is active. The detective told viewers that’s a red flag that’s something suspicious is going on with your account, and you need to call the credit card company immediately.

Identity Theft Victims:
If you are the victim of identity theft, file a police report and take the following steps:

Notify the Credit Bureaus
Contact the fraud departments of any of the three major credit bureaus to
place a fraud alert on your credit file.

TransUnion: 1-800-680-7289; www.transunion.com; Fraud Victim Assistance
Division, P.O. Box 6790, Fullerton, CA 92834-6790

Equifax: 1-888-766-0008; www.equifax.com; P.O. Box 740241, Atlanta, GA 30374-0241

Experian: 1-888-EXPERIAN (397-3742); www.experian.com; P.O. Box 9532, Allen, TX 75013

After cleaning your records from identity theft incident, check credit report periodically to make sure no new activity has occurred.

Identity Theft Consequences:
Consequences of identity theft can be serious. Your credit history can be ruined, a loan could be denied because of a negative credit report, you could even be arrested for crimes you didn’t commit because someone has been using your identity.

Identity Theft Countermeasures:

  • Check your credit card, medical and bank statements regularly, even weekly, to look for any unusual activity or any charges on your card that you didn’t make.

  • Before throwing any document out that contains your personal information, you need to shred the document. Cross-cuts shredder is recommended.

  • Do not carry your Social Security card in your wallet.

  • Only carry the credit card you may be using on the trip.

  • Do not give personnel information unless you can verify the person.

  • Avoid business online, unless the site is secure meaning your data is encrypted during the transaction.

  • Close the accounts that you know or believe have been tampered with or opened fraudulently.

  • Place a freeze on your credit report.

    • Reblog this post [with Zemanta]

    Tags: credit card fraud, identity fraud, identity theaft, Identity Theft, Identity Theft Consequences, Identity Theft Countermeasures, Identity Theft Tip Off, Identity Theft Victims, social security fraud, Stopping Identity Theft

    Sep 04 2008

    Web 2.0 and more data

    Category: Information Security,Web 2.0DISC @ 5:52 pm

    According to the Identity Theft Resource Center of San Diego, “the data breaches are on the rise in 2008” and with more data breaches so are the impact and amount of losses. Web 2.0 is next phase of internet creation, where huge social networks are built and citizens of the network enjoy the interactive and conversational approach of the new web frontier. Does the web 2.0 introduce new threats which can be exploited by cyber criminals?

    To aid a social communication, users are required to input personal profile including birth date and residence addresses into these social networks to participate, which happens to provide a target rich environment for cyber criminals. These days new attacks are already taking advantage of personal information, some of which is retrieved from social network sites. If the account is hacked/breached from one of these social network sites, the impersonator can damage the (personal and professional) reputation by modifying the profile or changing/inserting the contents or comments.

    Cross site scripting is one of the major threat facing Web 2.0, below is an example of XSS.

    “In an incident reported in early December 2006 by Websense, hackers compromised the MySpace social networking site and infected hundreds of user profiles with a worm. This malicious code exploited a known vulnerability to replace the legitimate links on the user profiles with links to a phishing site, where victims were asked to submit their username and password. In addition, according to Websense, the worm embedded infected video in victims’ user profiles.”

    AJAX is one of the main programming languages used to develop Web 2.0.

    “A traditional Web site is like a house with no windows and just a front door. An AJAX Web site is like a house with a ton of windows and a sliding door. You can put the biggest locks on your front and back doors, but I can still get in through a window.”

    What if you happen to be a peace activist or a whistle blower in your company? Then perhaps Uncle Sam or your employer wants to settle scores with you for some reason. The question is who is monitoring them or for that matter stopping them from getting into your account to steal or modify data to damage your reputation or career? The point is, besides all the functional benefits, web 2.0 comes with new threats which we need to be aware of. Without knowing these risks we can’t manage or mitigate them to a point which is acceptable to the society at large.

    Web 2.0 contents are mostly interactive or dynamic in nature. The tools which were used to defend static contents might not be feasible for dynamic web 2.0 contents. Non-repudiation, validating the source and real time verification of the contents might be necessary to stay on top of the dynamic nature of web 2.0 threats.

    Web 2.0 – Opportunity 2.0 or Threat 2.0?

    How freely available online infomation on Web 2.0 was utilized to break into online banking account

    Web 2.0 … The Machine is Us/ing Us

    httpv://www.youtube.com/watch?v=6gmP4nk0EOE


    (Free Two-Day Shipping from Amazon Prime). Great books

    Tags: ajax, cross site scripting, cyber criminals, data breaches, identity theaft, mitigate, non-repudiation, phishing, Web 2.0, web 2.0 threats, websense, xss