by Brian Thompson | Mar 19, 2020 | General, Identity Theft
I read a great article last week by Risk Based Security – a leader in vulnerability intelligence – about modern phishing attempts (please see here) and how Coronavirus Fear and Anxiety Drives Phishing Scams. “malicious attackers are targeting unsuspecting people on the web.”
This article said there was a “tendency to associate phishing with crude boilerplate emails, dubious attachments, and poor attention spans”. But, sophisticated “attackers were spoofing system update prompts or redirecting users to pages with all sorts of dubious code.”
But it gets worse. Cyber thieves and ID theft criminals didn’t are already taking advantage of fear and anxiety surrounding the global COVID-19 pandemic.
Risk-Based Security then released another article titled Coronavirus Isn’t the Only Virus Going Around (please see here) reporting that “malicious attackers will always find new ways to target individuals and organizations. This time, hackers are installing malware on computers and harvesting user credentials by preying on people’s curiosity and fear of the coronavirus (COVID-19).”
Phishing Example
One new phishing example is where “scammers pose as the Centers for Disease Control (CDC) advising that there are new COVID-19 cases reported in the user’s city and requesting that they follow a link to learn more. From there, clicking the provided URL covertly redirects the user to a spoofed login page. If the user completes the process by providing their credentials, they are now compromised.”
The Major Cause
For years I have written and spoken on how IT and hacking are the sizzle that makes the news headlines. However, the vast majority of data breach events are the result of phishing emails and not high technology hacking tools.
According to the FBI’s Internet Crime Complaint Center (IC3) 2019 Internet Crime Report (please see here), phishing scams were the most common type of internet crime last year where 114,000 U.S. consumers lost more than $57.8 million in 2019 as the result of phishing.
Let’s not forget…
that cyber and ID theft criminals pretend to be trustworthy to trick people into handing over personal details or account information. Now COVID-19 related scams are showing up in multiple locations including the internet, your work email, and your personal email.
Based on the severity of our national emergency and because of Coronavirus Fear and Anxiety Drives Phishing Scams – we need to be diligent and aware of the numerous phishing emails and scams in the foreseeable future.
By Mark Pribish
Vice President and ID Theft Practice Leader
by Brian Thompson | Feb 3, 2020 | Breach, Identity Theft
John Iannarelli, former FBI Special Agent offers 4 SMB Cybersecurity tips. Is your business safe from the cybersecurity threat?
According to the Allianz Risk Barometer for 2020, cyber incidents ranked as the number one business risk in its ninth annual survey of risk experts.
Based on the above, I just interviewed former FBI Special Agent John Iannarelli (http://fbijohn.com/) in between his national television appearances on Fox News and Fox Business.
Mr. Iannarelli retired from the FBI after more than 20 years of service, during which time he was the FBI’s National Spokesperson, on the FBI Cyber Division executive staff, an FBI SWAT team member, and the Assistant Special Agent in Charge of the FBI’s Phoenix Division, where he oversaw all Criminal, Cyber, and Counter Intelligence investigations throughout Arizona.
Since leaving the FBI, Mr. Iannarelli is an active contributor for national news outlets, keynote speaker, author, and security consultant.
I asked Mr. Iannarelli for simple advice on how to keep small businesses safer in 2020. Here are his 4 cybersecurity tips for small businesses and sole proprietors:
Ransomware
“Maintaining a strong firewall, keeping your security software up to date, and the patching of vulnerable software is critical”, said Iannarelli. He also said, “The restoration of your computer files from a backup is the fastest way to safely regain access to your data.” Mr. Iannarelli recommends “to not pay the ransom as there is no guarantee that you will be able to regain access to your files and that once you pay the cybercriminals they are likely to attack again.”
Hackers steal consumer data from devices connected to unsecured networks by positioning themselves between you and the connection point. This means that instead of talking directly with the hotspot, you end up sending your data to the hacker. Mr. Iannarelli recommends “use of VPN encryption to help prevent cybercriminals from hacking into your Wi–Fi connection and intercepting the data you send and receive.”
Vendor Due Diligence
According to the Ponemon Institute, third-party breaches remain a dominant security challenge for small and large businesses. Over 63% of data breaches are linked to a third party. He said, “Small businesses should establish information security and governance best practices including a data breach and incident response policy and plan.”. A plan will protect your business, help win new business, and elevate your due diligence profile.
State and Federal Notification Laws
Since the United States does not have a Federal Privacy law. Mr. Iannarelli stated“understanding current state privacy laws where your small business conducts business is critical to responding to a data breach event in a timely and effective manner.”
If you have been victimized by an online scam or any other cyber fraud, be sure to report it to the FBI’s Internet Crime Complaint Center at www.IC3.gov or call your local FBI office.
By Mark Pribish
Vice President and ID Theft Practice Leader
by Brian Thompson | Nov 25, 2019 | General, Identity Theft
The latest research and identity theft trends indicate significant patterns. Patterns that can help consumers and businesses mitigate their risks against identity theft. One of these trends points to the unfortunate potential that senior identity theft is going to get significantly worse.
Research
Based on the first half of this year – where 11 of the largest 13 data breach events occurred at medical or healthcare organizations (please see here) affecting nearly 24 million healthcare-related records.
And we believe senior identity theft and fraud will get significantly worse in 2020.
When you think about lost or stolen Personally Identifiable Information (PII), most people think about:
- credit card information,
- bank account information,
- taxpayer identity theft and refund fraud,
- utility identity theft and fraud, and
- credential identity theft such as driver’s license or passport fraud.
Healthcare is a Target
According to Protenus, a healthcare compliance analytics company, (please see here) this healthcare industry data breach pattern includes 503 incidents affecting nearly 15.1 million patient records in 2018 and 477 data breaches affecting 5.6 million patient records in 2017.
Very few people think about medical identity theft in general and senior identity theft in particular. Click here to read about how ID Theft Increases Stress and Fatigue
However, when the collections firm American Medical Collections Agency (AMCA) – which services laboratories, hospitals, physician groups, billing services and medical providers throughout the United States – experienced a data breach including Labcorp affecting 7.7 million patients and Quest Diagnostics affecting 11.9 million patients, we have to wondered how safe and secure all American consumer billing records really are?
The Senior Population
Another interesting statistic comes from the 2019 Federal Trade Commission (FTC) Consumer Sentinel Network Data Book where 39% of fraud complaints and 15.9% of identity theft complaints impacted seniors (60 years or older) in 2018 (please see here).
If you add the mature market (50 – 59 years of age), the “Identity Theft Reports by Age” from the FTC Consumer Sentinel Network shows a three year average of 36% of identity theft victims were 50 years and older.
There were “only” 14.4 million identity theft victims in 2018, a drop from the record-breaking 16.7 million victims in 2017. But it is estimated that out-of-pocket fraud costs for victims more than doubled in 2 Years to $1.7 billion.
The FTC report also showed that younger people reported losing money to fraud more often than older people. Older people lost nearly twice the amount to fraud than the more frequently reported younger reports.
Nearly 50 million health-related records have been reported stolen from over 1,000 data breaches over the last 30 months. The statistics are staggering and will likely have an enormous, negative effect on seniors over the next couple of years.
Written by Mark Pribish – ID Theft Protection Expert
Learn More:
To learn more about Identity Theft Monitoring click here for the 14 features of Identity Theft Protection Monitoring and the Most Important Feature!
by Brian Thompson | Nov 18, 2019 | Identity Theft
What is Dark Web Monitoring in the world of identity theft? How can Dark Web Monitoring help mitigate the risks of Identity theft and Fraud?
But wait, what are the Deep, Dark and Surface Web? 
The Surface Web is what you think of when you think of the internet. Any site you are accessing through search engines only makes up about .03% of the internet available. 99.97% of the internet is made up of un-indexed pages, or the Deep Web.
The Deep web is often confused with the Dark web but they are two very distinctive things. The deep web is the entire web that is not accessible by conventional search engines but the dark web is a certain website within the deep web that is linked to criminal activity and illegal market places.
For a more in-depth explanation check out this article: What’s the difference between Surface, Deep & Dark Web?? – Lets have some discussions!!..by Rajdeep Das
Dark Web Monitoring
Dark Web monitoring is an intelligent and proactive identity theft detection solution that searches for compromised information across the deep, dark and surface web, as well as underground forums and file-sharing sources.
What is the benefit?
By performing comprehensive reviews of websites frequented by hackers and cybercriminals, it is possible to detect your personal information being traded or sold before the criminal uses it.
When you enroll, you will have full control over what information you choose to be monitored. We then continuously (24/7) monitor the deep, dark and surface web to detect the trading and selling of the information you provided. If we find any of the information being monitored, you will receive a notification that your information has been found online. This alert allows you to take immediate action to prevent, or reduce losses, such as changing a password or closing an account.
| FEATURES |
BENEFIT |
| Dark Web Monitoring – Proactive monitoring if your identity or supplied credentials are stolen or compromised. Be alerted if your data is discovered being traded or sold on the dark, deep or surface web. |
- Alerts are sent to you when your information is detected as compromised on the dark, deep or surface web.
- This gives you a heads up so that you can work swiftly to respond, reducing or eliminating potential losses.
- If you receive a dark web monitoring alert, you can immediately act to change
|
Check out the most important feature of an Identity Monitoring program here: Fully-Managed Recovery for Identity Theft
Here is a list of essential features of an Identity Monitoring Program: 14 features of Identity Theft Protection Monitoring and the Most Important Feature!
by Brian Thompson | Nov 15, 2019 | General, Identity Theft, Uncategorized
Have you ever thought about how installing smart or connected devices such as a residential doorbell or security camera using a Wi-Fi connection can put your personal or business data at risk of being hacked or sold to third parties like advertisers? Personal privacy and the internet of things should be on all of our minds as we continue to become more and more connected.
Day to Day Convenience
An October 1, 2019 article titled Smart Home Devices and Privacy Risk (please see here) states “while ‘smart home’ or internet of things (IoT) devices have become more prevalent and may make every day or business tasks more convenient, they also diminish consumers’ privacy and introduce serious risks, for both users and device developers and manufacturers.”
According to Statista, a leading provider of market and consumer data, there will be 75 billion connected devices worldwide by 2025 (please see here).
Connected Devices
When I think of connected devices I think of business sectors such as
- Utilities (programmable thermostats),
- Residential Security (residential doorbells with surveillance cameras and microphones),
- Smart and Self-Driving Automobiles (onboard computers, infotainment/entertainment systems, and apps) and
- Healthcare (medical devices such as a pacemaker and mobile apps) to name a few.
Benefits
In each instance, these connected business sectors and devices help save money, increase efficiencies and improve our quality of life.
The Risks
The same business sectors and devices can also give hackers and insider threats the opportunity to steal personally identifiable information (PII) leading to any consumer becoming a victim of identity theft.
Think about it, if you can unlock the front door of your house remotely – so can a hacker. If you can start your car or unlock the door locks of your car remotely – so can a hacker?
And if any of your devices or service providers are connected to the cloud to collect, store and/or transfer information – hackers and insider threats can collect, store and/or transfer the same information.
While consumers are excited to have a more connected lifestyle, consumers should also be concerned about the increased risk of identity theft and data breach events.
So what can you do about it?
Consumers can protect themselves in a number of ways including:
- By changing their default usernames and passwords
- Setting strong passwords
- Updating their security software regularly
- Check the device for default privacy and security settings
- Disabling remote access to your IoT devices (where applicable)
Every IoT device comes with a built-in web interface to configure the settings mentioned above. In addition to securing any new smart devices, be sure to configure any existing IoT devices you already have.
Personal Privacy and the Internet Of Things is a concern we should consider seriously and take the precautionary steps needed with these increased risks.
By Mark Pribish
ID Theft Practice Leader
Keywords: #Personal Privacy, #Internet of Things, #Smart Devices, #Identity Theft
by Brian Thompson | Nov 6, 2019 | Identity Theft
But it is your house!?
You have worked hard your whole life. You have paid off your house. Retirement looks comfortable and you are thinking of using some of your home equity to buy a second home. You go to the bank to apply for your loan and the loan officer cannot seem to confirm that you actually own your home. In addition, the tax records reveal someone else not only owns the home you’ve lived in for years but that they have taken out a large mortgage against the house. Suddenly, your net worth has dropped by thousands, maybe hundreds of thousands. So, could ID Theft Cost Your Your Home?…YES
Identity Theft…whether it is your social security number or other personally identifying information that is stolen, it is traumatic. Personally, it was a huge concern when someone stole my identity and purchased 4 cell phones from a Best Buy in Washington state and set up AT&T service! No, I do not have AT&T, I do not live in Washington and I do not have an account with Best Buy. This was an issue I had to take seriously BUT, what if it was my house they took or if they purchased another in my name?
While it is not as common as SS# scams and Tax ID-Fraud, it can occur and can be much more devastating than other types of identity theft for many reasons.
How does it happen?
There a couple ways that mortgage identity fraud can happen:
- Identity Thief gains access to enough Personal Identifiable information to purchase a home in your name. You find out when you eventually look on your credit report, usually when after the damage has been done and you are late on a mortgage you didn’t know existed in your name.
- Even more painful is when the theft occurs in the home you already live in! In this scenario, the thief obtains your information in order to transfer the deed to either themselves or a third party without your knowledge. You move on, unknowingly, paying the mortgage for a house you technically do not own anymore. The thief will then either try and sell the property as if it were theirs in order to get the buyer’s money.
There are many ways to protect yourself from identity theft. Although, less common than other types of ID theft, it could cost you your home… So it is imperative to understand the risks, where you are vulnerable and to have a place to turn if your identity is stolen. Check out the links below to learn more about identity theft monitoring and restoration.
14 features of Identity Theft Protection Monitoring and the Most Important Feature!
ID Theft Increases Stress and Fatigue
What Do Identity Theft Protection Services Really Do?
14 features of Identity Theft Protection Monitoring and the Most Important Feature!
Follow us on LinkedIn!
