by Brian Thompson | Nov 2, 2020 | Uncategorized
Cyber-Thieves and ID Theft criminals never rest and continue to stay ahead of law enforcement, businesses, and consumers.
And because of that fact, now is a great time for consumers and businesses to evaluate their cybersecurity posture – especially during the COVID-19 environment – with a focus on response and recovery.
Why response and recovery? Because consumers and employees continue to click on phishing emails and organizations continue to experience data breach events such as ransomware.
Two recent examples include Blackbaud (Blackbaud Ransomware Attack Gets Worse) and Twitter (Twitter Hackers Posed as Company IT Officials Making a Support Call).
Blackbaud – a cloud technology company confirmed in early October that “stolen data also included bank account data and Social Security numbers, far more personally identifiable information than the company first thought.”
Specific to Twitter, the New York State Department of Financial Services released its findings and concluded: “the hack was relatively unsophisticated, caused by scammers who posed as members of Twitter’s IT help desk and directed employees to a phishing website designed to look like a company site.”
Blackbaud is your typical data breach example where their first statement on July 16, 2020, said while they were hacked, “that credit card information, bank account information, or Social Security numbers were not stolen.”
Fast forward 60 days later and Blackbaud now admits that their data breach “had access to more unencrypted data than previously disclosed, including bank account information, Social Security numbers, usernames and/or passwords.”
Unfortunately, the final story for most data breaches rarely reflect the initial news report and speak of what’s known at the moment, but never discuss the long-term – which is exactly what happened to Blackbaud and Twitter.
The fact is that a data breach or ID Theft event can be a lifelong problem affecting you long into the future.
In Blackbaud’s case, their data breach event has affected 6 million people so far.
With all the education and resources businesses continue to fail phishing tests (after cyber-awareness training) and still click phishing emails.
My advice to consumers and small businesses is a heightened awareness of phishing emails, unfamiliar links, and attachments, and to reconsider the information that is being shared on social media.
After all, Cyber-Thieves and ID Theft criminals never rest and are unpredictable!
by Mark Pribish
Check out our article on Full-Service Recovery HERE
by Brian Thompson | Sep 29, 2020 | Uncategorized
|
|
|
Pizza in Chicago, Gift Card in Montreal
WHAT?
|
|
|
When my card was rejected at a small café in Stockbridge, MA where we had just had lunch we made a quick call to our credit card company and they asked if we had purchased…
“…purchased 2 pizzas in Chicago and a $1000 gift
card to a fishing supply store in Montreal”. No Way!
Clearly, we did not order a Pizza in Chicago and we had been hacked. We canceled the card immediately. But what if I hadn’t used that card that day? Then what?
So began my education about Identity Theft. I vowed to look into an Identity Protection solution ASAP.
I learned that Credit Card Fraud is
not the same thing as Identity Theft.
Credit Card Fraud is a potential consequence of identity theft. Here, a thief steals your credit card information and then makes purchases in a store or online. Most credit card companies have a liability limit of $50. This means that even if a thief has charged thousands of dollars to your card, you’d likely only have to pay $50. More often than not, credit card companies simply wipe out any charges that are the result of fraud.
But, Identity Theft involves much
more than a few fraudulent charges.
Identity thieves can steal your personal information to open a new line of credit, open a new credit card, or obtain a false ID in your name. Unlike credit card fraud, there’s no liability limit. That means you might end up paying for all the damage caused by an identity thief.
With identity theft, the impact can be much greater, lasting for years or even decades. With some types of identity theft, such as medical identity theft you may not realize you’re a victim until you get a call from a collections agency. *By then, the identity theft may be so embedded in your personal records that it feels like taking on a part-time job just to clear your name. You’ll not only deal with whatever bills are in the collection, but also credit bureaus, lenders, other financial institutions, and possibly even law enforcement.
*The real value in an Identity Protection
plan is to help in the recovery process.
defend-id’s “Fully Managed Recovery” feature provides the peace of mind of a dedicated certified Recovery Advocate. Your advocate will work on your behalf to perform all of the tasks necessary to restore your identity, completing and filing forms, research, and contacting all companies, agencies, and financial institutions necessary to ensure that any and all fraudulent activity that has been identified is addressed and resolved.
|
|
|
|
|
Identity theft happens every 2 seconds in the U.S.
Identities are stolen…
hours are spent in trying to dig out of the mess…
lives are turned upside down.
So if you ever have a “Pizza in Chicago…What?”, moment know there is a better way to resolve it!
|
|
|
|
|
|
|
|
|
|
|
by Brian Thompson | Jul 2, 2020 | Uncategorized
Since people started working from home due to the COVID-19 crisis, risk has had gone up! Medical ID Theft, financial and non-financial identity theft, fraud and scams have significantly increased.
Keyword phrases such as cybercrime, cyber thieves, data breach, digital spying, identity theft, personal privacy, phishing, and reputational risk have been reported and written about relating to both individuals and businesses more than ever.
As if it was not enough to constantly fight hackers and scammers at the office, most American workers are now fighting the same hackers, scammers and ID theft criminals remotely, from our “private” homes.
Understanding that many people live their lives online through social media, dating websites, reading the news, and the use of smartphones – the COVID-19 crisis has increased access points to the American consumer and worker more than ever.
One example of a new access point for many consumers is Telehealth.
According to the Centers for Disease Control (CDC) June 10, 2020 update titled Using Telehealth to Expand Access to Essential Health Services during the COVID-19 Pandemic (please see here), “Telehealth services help provide necessary care to patients while minimizing the transmission risk of the COVID-19 virus to healthcare personnel (HCP) and patients” and “while telehealth technology and its use are not new, widespread adoption among Healthcare Providers and patients beyond simple telephone calls has been relatively slow.”
The CDC stated that recent policy changes during the COVID-19 pandemic have reduced barriers to telehealth access and have promoted the use of telehealth as a way to deliver acute, chronic, primary and specialty care that can help improve patient health outcomes.
However, and while Telehealth is a timely, valuable and useful tool, this June 22, 2020 article titled Security Experts Warn Of Elevated Threat Of Medical ID Theft During Coronavirus Pandemic (please see here) reported that “the coronavirus pandemic presents a greater threat for medical identity theft as patients interact with the health care system.”
One security expert, Randy Pargman, a former senior computer scientist with the Federal Bureau of Investigation (FBI) said that “companies across the board are more susceptible to theft of personal information during this pandemic because the attackers know they can take advantage of this situation.”
Pargman also said, “patient files are rife with personal data ranging from social security numbers to insurance information.”
Whether it is a cybercriminal hacking medical files or the insider threat stealing medical files, I am certain that Telehealth services have just as many vulnerabilities as the many healthcare systems, hospitals, and medical groups that have already experienced data breach events.
As we continue to work from home, we need to be more vigilant than ever about the cyber scams, phishing scams, hackers, and insider threats that are targeting our online presence – including Telehealth services.
by Mark Pribish
Learn more: Health Care Schemes & COVID-19 Pandemic
by Brian Thompson | Nov 15, 2019 | General, Identity Theft, Uncategorized
Have you ever thought about how installing smart or connected devices such as a residential doorbell or security camera using a Wi-Fi connection can put your personal or business data at risk of being hacked or sold to third parties like advertisers? Personal privacy and the internet of things should be on all of our minds as we continue to become more and more connected.
Day to Day Convenience
An October 1, 2019 article titled Smart Home Devices and Privacy Risk (please see here) states “while ‘smart home’ or internet of things (IoT) devices have become more prevalent and may make every day or business tasks more convenient, they also diminish consumers’ privacy and introduce serious risks, for both users and device developers and manufacturers.”
According to Statista, a leading provider of market and consumer data, there will be 75 billion connected devices worldwide by 2025 (please see here).
Connected Devices
When I think of connected devices I think of business sectors such as
- Utilities (programmable thermostats),
- Residential Security (residential doorbells with surveillance cameras and microphones),
- Smart and Self-Driving Automobiles (onboard computers, infotainment/entertainment systems, and apps) and
- Healthcare (medical devices such as a pacemaker and mobile apps) to name a few.
Benefits
In each instance, these connected business sectors and devices help save money, increase efficiencies and improve our quality of life.
The Risks
The same business sectors and devices can also give hackers and insider threats the opportunity to steal personally identifiable information (PII) leading to any consumer becoming a victim of identity theft.
Think about it, if you can unlock the front door of your house remotely – so can a hacker. If you can start your car or unlock the door locks of your car remotely – so can a hacker?
And if any of your devices or service providers are connected to the cloud to collect, store and/or transfer information – hackers and insider threats can collect, store and/or transfer the same information.
While consumers are excited to have a more connected lifestyle, consumers should also be concerned about the increased risk of identity theft and data breach events.
So what can you do about it?
Consumers can protect themselves in a number of ways including:
- By changing their default usernames and passwords
- Setting strong passwords
- Updating their security software regularly
- Check the device for default privacy and security settings
- Disabling remote access to your IoT devices (where applicable)
Every IoT device comes with a built-in web interface to configure the settings mentioned above. In addition to securing any new smart devices, be sure to configure any existing IoT devices you already have.
Personal Privacy and the Internet Of Things is a concern we should consider seriously and take the precautionary steps needed with these increased risks.
By Mark Pribish
ID Theft Practice Leader
Keywords: #Personal Privacy, #Internet of Things, #Smart Devices, #Identity Theft
