identity theft and scams
Welcome to
Your best source for presentations, workshops, consultation, news, videos, and information about identity theft, scams, data breaches, and other information security threats. For more information about our services, please click HERE.
 
Resources and Expertise to Combat Identity Theft, Scams, and Social Engineering
identitytheft.info
spacer
spacer
There Have Been 
 
 Identity Theft Victims Year-To-Date
CATEGORIES
Latest Identity Theft News
Hundreds of Companies Expose PII, Private Emails Through Google Groups Error
Monday, July 24, 2017
zdnet.com
A small settings error has resulted in the exposure of confidential business emails and employee data, researchers have warned. On Monday, RedLock revealed in a blog post that companies including IBM's Weather Company, Fusion Media Group -- the parent firm of companies including Gizmodo, The Onion, and Lifehacker -- as well as helpdesk support service provider Freshworks and video ad platform SpotX were affected by the security issue. According to the team, "hundreds" of Google Groups have publicly exposed messages containing sensitive information belonging to such companies, all because of a customer-controlled configuration error in the service.
How Secure Are Today's ATMs? 5 Questions Answered
Monday, July 24, 2017
kutv.com
By installing fake card slots, or even extra attachments (called “skimmers”) on top of the existing card slot, attackers can read the information on cards’ magnetic strips. That can help them make fake duplicate cards to use in other ATMs.
When Student Debt Payoff Becomes Complicated by Identity Theft
Monday, July 24, 2017
latimes.com
After contacting the IRS, we found that someone took out a fraudulent student loan using my former married name. I also got my credit reports, which showed the loan. I was able to get the signed loan documents from the U.S. Department of Education but now the department does not respond to my certified letters or phone calls.
Stolen Medical Records Uncovered in Identity Theft Scheme
Monday, July 24, 2017
kxii.com
"We've been violated as a hospital, the community's been violated, and we suffered the theft of some records that was inappropriate, and will not happen again." Mercy Health Love County administrator Richard Barker said."
One Essential Step to Prevent Identity Theft
Monday, July 24, 2017
komando.com
If you suspect that your identity has been compromised, here's one essential step you must take to stop criminals from opening credit card accounts under your name.
VIDEO: Oakland Man Indicted for Allegedly Trying to Support ISIS, Identity Theft
Monday, July 24, 2017
kron4.com
“The indictment alleges that the services Alhaggagi attempted to provide included opening social media accounts for the use, benefit, and promotion of ISIS, and that the personnel he provided was himself,” a DOJ press release said. The indictment also includes three counts of identity theft. Alhaggagi allegedly used a stolen credit card to make almost $5,000 in fraudulent online purchases from a clothing company, FBI officials said.
Nuance the Latest NotPetya Victim to Report Financial Impact
Monday, July 24, 2017
healthcareinfosecurity.com
On July 21, the Waltham, Massachusetts-based company issued a financial statement warning Wall Street analysts that its fiscal 2017 Q3 and likely Q4 revenue and earnings results would be negatively impacted by the June 27 ransomware attack. Nearly a month after the attack, the company is still trying to restore all its services to customers. Most impacted has been its medical transcription services business.
One Simple Error Led to AlphaBay Admin's Downfall
Monday, July 24, 2017
govinfosecurity.com
Hollywood loves to portray hackers as wunderkinds with such exceptional cybercrime mojo that they can hack or crack anything, even with their eyes closed. But in reality, it seems like cops often find their suspects not because they've had to throw the cybersecurity equivalent of a Sherlock Holmes at a case, but because the crooks screwed up.
2 Leading Online Black Markets Are Shut Down by Authorities
Friday, July 21, 2017
nytimes.com
The American and European authorities said on Thursday that they had shut down two of the largest online black markets, AlphaBay and Hansa Market, and arrested their operators. AlphaBay, the largest so-called dark net market, was taken down in early July at the same time the authorities arrested the reported founder of the site, Alexandre Cazes, a Canadian man who was living in Bangkok. Mr. Cazes committed suicide in his jail cell shortly after he was arrested, the authorities said on Thursday. He was 25 years old.
Russian Citadel Malware Co-Developer 'Kolypto ' Sentenced to Prison
Friday, July 21, 2017
scmagazine.com
In March, Mark Vartanyan, also known as Kolypto, admitted to his role in developing, improving, and maintaining the malware toolkit which targeted financial institutions and individuals around the world between 2012 and 2014, according to a Department of Justice press release...The malware was designed to steal financial account credentials and personally identifiable information from victim computer networks and affected nearly 11 million computers world wide causing more than $500 million in loses.
Darknet Takedown: Authorities Shutter AlphaBay
Friday, July 21, 2017
fbi.gov
The largest marketplace on the Darknet—where hundreds of thousands of criminals anonymously bought and sold drugs, weapons, hacking tools, stolen identities, and a host of other illegal goods and services—has been shut down as a result of one the most sophisticated and coordinated efforts to date on the part of law enforcement across the globe.
DOJ Takes Down Dark Net Marketplace
Thursday, July 20, 2017
thehill.com
The Justice Department on Thursday said it had shut down one of the largest so-called dark net markets, AlphaBay. "This is likely one of the most important criminal case of the year," said Attorney General Jeff Sessions at a press conference. Sessions said the DOJ had seized the infrastructure and arrested the criminal market's owner, ending speculation about why AlphaBay had recently disappeared.
After AlphaBay’s Demise, Customers Flocked to Dark Market Run by Dutch Police
Thursday, July 20, 2017
krebsonsecurity.com
Earlier this month, news broke that authorities had seized the Dark Web marketplace AlphaBay, an online black market that peddled everything from heroin to stolen identity and credit card data. But it wasn’t until today, when the U.S. Justice Department held a press conference to detail the AlphaBay takedown that the other shoe dropped: Police in The Netherlands for the past month have been operating Hansa Market, a competing Dark Web bazaar that enjoyed a massive influx of new customers immediately after the AlphaBay takedown.
Read the Previously Undisclosed Plan to Counter Russian Hacking on Election Day
Thursday, July 20, 2017
time.com
President Obama’s White House quietly produced a plan in October to counter a possible Election Day cyber attack that included extraordinary measures like sending armed federal law enforcement agents to polling places, mobilizing components of the military and launching counter-propaganda efforts. The 15-page plan, a copy of which was obtained by TIME, stipulates that “in almost all potential cases of malicious cyber activity impacting election infrastructure, state, local, tribal, and territorial governments” would have primary jurisdiction to respond. But in the case of a “signifcant incident” the White House had several “enhanced procedures” it was prepared to take.
Identity Theft-Turned-Murder of Man Found in Forest Results in Big Sentences
Tuesday, July 18, 2017
pasadenastarnews.com
The day after the killing, Thurman began withdrawing money from Carter’s bank accounts — eventually draining them of thousands of dollars — and using his credit cards, the prosecutor said. Thurman admitted on the stand that he had had Carter’s wallet, but testified that Carter had given it to him for a scam that would benefit them both. Prosecutors said Thurman used Carter’s personal data to guarantee a lease for someone else and Carter reported that identity theft to police, motivating the killing.
This Scary Android Malware Can Record Audio, Video and Steal Your Data
Tuesday, July 18, 2017
zdnet.com
A new form of malware is one of the most advanced Android information stealers ever discovered, enabling attackers to open a backdoors in order to monitor data, steal information, record audio and video and even infect the phone with ransomware. Dubbed GhostCtrl, the malware can stealthily control many of the infected devices functions - and the researchers warn that that this is just the beginning and it could evolve to become a lot worse.
FBI Article on Privacy Risks Associated With Internet-Connected Children's Toys
Tuesday, July 18, 2017
us-cert.gov
The FBI has released an article on the privacy risks associated with Internet-connected children's toys. The FBI warns that Internet-connected toys may contain "sensors, microphones, cameras, data storage components, and other multimedia capabilities - including speech recognition and GPS options" that may put the privacy and safety of children at risk due to the disclosure of personal information.
FTC Releases Alert on Digital Security While Traveling
Tuesday, July 18, 2017
us-cert.gov
The Federal Trade Commission (FTC) has released an alert on ensuring good digital security while traveling. Security recommendations include using caution while accessing free Wi-Fi hotspots, keeping all software updated, and using Virtual Private Networks (VPNs).
US Charging 412 in Health Fraud Schemes Worth $1.3 Billion
Monday, July 17, 2017
abcnews.go.com
More than 400 people have been charged with taking part in health care fraud and opioid scams that totaled $1.3 billion in false billing, Attorney General Jeff Sessions announced Thursday. Sessions called the collective action the "largest health care fraud takedown operation in American history" and said it indicates that some doctors, nurses and pharmacists "have chosen to violate their oaths and put greed ahead of their patients."
Woman Gets 34 Months in Prison for Fraud, Identity Theft
Monday, July 17, 2017
stltoday.com
Robin D. Matthews was working for United HealthCare and accessed the records of at least 75 people between May 2015 and February 2016 and used that information to submit 229 credit card applications, prosecutors have said.
Galveston Party Boat Captain Sentenced in Decades-Old Identity Theft
Monday, July 17, 2017
mysanantonio.com
A Galveston yacht captain caught living a double life under a secret alias was sentenced Wednesday to three years in federal prison, resolving one case but leaving unanswered questions about the mysterious deaths of her husband and baby nearly three decades ago.
Companies Can Be Identity Theft Victims
Monday, July 17, 2017
memphisdailynews.com
A business may not know its name is being used fraudulently until it starts getting calls from angry consumers who think it’s cheated them.
What You Should Never, Ever Do If You Want to Stop Scam Calls
Monday, July 17, 2017
concerningconsumers.bangordailynews.com
The Better Business Bureau Scam Tracker says nearly 6,000 scams involving phone calls have been reported just this year. So what can you do if scammers just won’t stop?
Dow Jones Customer Data Exposed in Cloud Error
Monday, July 17, 2017
thehill.com
Data on millions of Dow Jones customers was potentially exposed to unauthorized access on Amazon Cloud due to a configuration error, a spokesman for the publishing and financial information giant confirmed Monday. The spokesman told The Hill that personal data on 2.2 million customers had been over-exposed on Amazon Cloud as a result of an internal error. There is no evidence that malicious actors accessed the information, however.
Lloyds of London: Insure Cyberattacks Like Natural Disasters
Monday, July 17, 2017
thehill.com
Cybersecurity insurers have to become more prepared to treat global cyberattacks more like national disasters than traditional crimes, concludes a report from insurer Lloyd's of London.
Thieves Used Infrared to Pull Data From ATM ‘Insert Skimmers’
Monday, July 17, 2017
krebsonsecurity.com
A greater number of ATM skimming incidents now involve so-called “insert skimmers,” wafer-thin fraud devices made to fit snugly and invisibly inside a cash machine’s card acceptance slot. New evidence suggests that at least some of these insert skimmers — which record card data and store it on a tiny embedded flash drive — are equipped with technology allowing them to transmit stolen card data wirelessly via infrared, the same communications technology that powers a TV remote control.
Millions of Verizon Customer Records Exposed in Security Lapse
Wednesday, July 12, 2017
zdnet.com
As many as 14 million records of subscribers who called the phone giant's customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra'anana, Israel-based company.
One in Four Will Consider Not Voting in Elections Due to Cybersecurity
Wednesday, July 12, 2017
thehill.com
One in four United States voters say they will not consider voting in upcoming elections due to concerns over cybersecurity, according to a new poll conducted by a cybersecurity firm. The 27 percent of voters who agreed with that statement mark a seven percent rise over a similar poll conducted in September.
Trump Hotels Customers Hit by Credit Card Stealing Hackers - Again
Wednesday, July 12, 2017
hotforsecurity.bitdefender.com
A letter posted on the Trump Hotels corporate website explained that the hackers broke into Sabre Hospitality Solutions, a reservation service used by Trump Hotels, to steal data...As well as payment card information, in some cases it was possible for the hacker to also access hotel guests’ names, email addresses, phone numbers, postal addresses, and other information potentially opening up further opportunities for fraud.
California Association of Realtors Subsidiary Suffers Major Data Breach
Wednesday, July 12, 2017
sandiegouniontribune.com
The data may have included the user’s name, address, credit card number, credit card expiration date and, in some instances, credit card verification code (CVC code).
Foreign Hackers Probe European Critical Infrastructure Networks: Sources
Wednesday, July 12, 2017
reuters.com
Cyber attackers are regularly trying to attack data networks connected to critical national infrastructure systems around Europe, according to current and former European government sources with knowledge of the issue.
3 New Ways That Criminals Are Making Money off Your Stolen Data
Wednesday, July 12, 2017
inc.com
Cyber criminals in the vanguard have turned their attention to putting stolen personal data to work expanding and accelerating a variety of attacks. Here's are a few snapshots of how they continually innovate.
Woman Pleads Guilty in Jewish Nursing Home Identity Theft Case
Wednesday, July 12, 2017
forward.com
A 40-year-old Queens woman pleaded guilty this week to making unauthorized purchases on the credit cards belonging to three elderly patients at a New York Jewish nursing home.
Feds: One-Man Identity Theft Crime Spree Involved Several Victims, Stores and Cities
Wednesday, July 12, 2017
wpri.com
His face was the same, but federal investigators allege his name changed as often as his shopping choices, which included several big name retailers in a number of local communities.
The 1990’s Called – They Want Their Security Crisis Back
Friday, July 07, 2017
techspective.net
James Lee: "Our current system of patching known flaws and protecting against zero day attacks simply does not work. And the shadowy hackers currently engineering the next WannaCry-style mass attack know that.
Is Online Banking Safe? 65 Percent of U.S. Bank Websites Failed Security Tests
Friday, July 07, 2017
ibtimes.com
While banking sites should be among sites that utilize the highest level of security, the Online Trust Alliance’s annual Online Trust Audit handed out failing grades to 65 percent of the top 100 financial institutions in the U.S.
Scammers Want to Wreck Your Vacation Travel Plans
Friday, July 07, 2017
cnbc.com
Some 15 million bookings are linked to phony websites and call centers, resulting in $1.3 billion in transactions each year, according to the American Hotel & Lodging Association, an advocacy group that represents the hotel industry.
Residents of These States Are Most Vulnerable to Identity Theft
Friday, July 07, 2017
marketwatch.com
The Sunshine state is the most vulnerable in the U.S. for identity theft, according to a recent analysis from the personal-finance website SmartAsset. Florida was followed by Maryland, Delaware, New Jersey and Connecticut. The site ranked each state based on factors including Federal Trade Commission data on how many consumers complained about identity theft and identity fraud in 2015, per 100,000 residents.
Lasting Damage and a Search for Clues in Cyberattack
Friday, July 07, 2017
nytimes.com
Hospitals across the United States have not been able to create electronic records for more than a week after the software maker Nuance Communications experienced significant problems with its computers. On Thursday, it was not clear when all of the company’s systems would be working properly.
Hackers Are Targeting Nuclear Facilities, Homeland Security Dept. and F.B.I. Say
Friday, July 07, 2017
nytimes.com
Since May, hackers have been penetrating the computer networks of companies that operate nuclear power stations and other energy facilities, as well as manufacturing plants in the United States and other countries. Among the companies targeted was the Wolf Creek Nuclear Operating Corporation, which runs a nuclear power plant near Burlington, Kan., according to security consultants and an urgent joint report issued by the Department of Homeland Security and the Federal Bureau of Investigation last week.
Data Breaches Often Come From Where You Expect It Least
Friday, July 07, 2017
inc.com
Small businesses and startups, in particular, may not be familiar with the threats or with their responsibilities to mitigate those risks, so it's important to take steps to prevent data breaches no matter what type of business you have or where the threats may be coming from. The first step is to recognize where most of the threats originate, and it may not be where you think.
Survey: Cyber Pros Fear Attack on Critical Infrastructure
Friday, July 07, 2017
fcw.com
Despite the fact that there has not been a successful cyberattack of consequence on U.S. critical infrastructure, security professionals are increasingly worried that such an attack will take place in the next two years, and they said the government isn't properly trained and equipped to respond.
You Are the Key to Keeping Your Computer Safe
Thursday, July 06, 2017
cnn.com
Ultimately, we have yet to make a dent in tackling the single biggest problem in cybersecurity: users. From not installing software patches or conducting routine updates to clicking on malicious hyperlinks and attachments in spear-phishing emails, and using weak passwords on devices, regular people — all of us computer users — continue to be the conduits for most cyberattacks. And so far, the only proactive approach against this continues to be security awareness training, which people usually only get when they're affiliated with larger organizations. Not only does this leave everyone else, from small businesses to senior citizens, vulnerable, but all signs also point to a limited impact of such training even within big organizations.
Is It Time to Can the CAN-SPAM Act?
Thursday, July 06, 2017
krebsonsecurity.com
Ron Guilmette, an anti-spam activists whose work has been profiled extensively on this blog, didn’t sugar-coat it, calling CAN-SPAM “a travesty that was foisted upon the American people by a small handful of powerful companies, most notably AOL and Microsoft, and by their obedient lackeys in Congress.” According to Guilmette, the Act was deliberately fashioned so as to nullify California’s more restrictive anti-spam law, and it made it impossible for individual victims of spam to sue spam senders. Rather, he said, that right was reserved only for the same big companies that lobbied heavily for the passage of the CAN-SPAM Act.
Lottery Rigging Accomplice Used Payout for Offshore Tax Scam
Thursday, July 06, 2017
apnews.com
After Robert Rhodes collected a Wisconsin Lottery jackpot that had been rigged by his friend, he used the windfall for an investment scheme that produced another wave of undeserved government money, court records show.
Security Summit Warns of New Phishing Email Targeting Tax Pros
Thursday, July 06, 2017
irs.gov
The IRS, state tax agencies and the tax industry today warned tax professionals to beware of phishing emails purporting to be from a tax software education provider and seeking extensive amounts of sensitive preparer data.
Sheriff's Deputy Tells Judge He Committed Identity Theft to Help Send Kids to College
Thursday, July 06, 2017
sun-sentinel.com
A Palm Beach County sheriff’s deputy admitted he used his access to law enforcement databases to steal dozens of people’s identities.
Alert UPS Driver Helps Authorities Arrest Identity Theft Suspect
Thursday, July 06, 2017
tcpalm.com
Detectives said Eric Thomas, 43, of West Palm Beach had made online orders using the person's name and former address in the 2300 block of Winding Creek Lane, Fort Pierce. The former tenant had not lived there in two years, however, and the UPS driver assigned to the route knew this, detectives said. The driver contacted the Sheriff's Office when Thomas informed UPS he wanted to rendezvous at a gas station in the 4000 block of West Midway Road to retrieve the packages, according to the affidavit.
29-Yr-Old Found With Identity Theft Equipment in Colorado Springs
Thursday, July 06, 2017
krdo.com
Authorities found a gas pump skimmer, two ATM skimmers, new and used gift cards and an electronic device used to recode credit cards with stolen credit card information.
Hackers Find ‘Ideal Testing Ground’ for Attacks: Developing Countries
Thursday, July 06, 2017
nytimes.com
Security researchers are increasingly looking in countries outside the West to discover the newest, most creative and potentially most dangerous types of cyberattacks being deployed. As developing economies rush to go online, they provide a fertile testing ground for hackers trying their skills in an environment where they can evade detection before deploying them against a company or state that has more advanced defenses.
When Cyberweapons Go Missing
Wednesday, July 05, 2017
nytimes.com
Twice in the past few months, powerful cyberattacks have wreaked havoc on the world, shutting down tens of thousands of computers, including critical machines in hospitals, a nuclear site and businesses. The attacks were initially thought to be schemes to collect ransom, but their goals — whether money, politics or just chaos — have become increasingly blurred. One thing seems clear: The weapons for the attack were developed by the National Security Agency and stolen from it.
The Day a Mysterious Cyberattack Crippled Ukraine
Wednesday, July 05, 2017
bbc.com
This time last week, an online attack brought chaos to Ukraine’s banks, hospitals and government, before spreading worldwide. The evidence suggests that money was not the aim – the real intention was disguised. Could it be a sign of something more serious to come?
22,000 Patients Affected by Ransomware Attack on Cleveland Medical Associates
Wednesday, July 05, 2017
healthcareitnews.com
The potentially compromised data contained patient names, Social Security numbers, clinical information like medical records, insurance billing data, addresses, phone numbers and email.
Ransomware Health Data Breach Affects 500,000 Patients
Wednesday, July 05, 2017
huntonprivacyblog.com
On June 26, 2017, Airway Oxygen, a provider of oxygen therapy and home medical equipment, reported that it was the subject of a ransomware attack affecting 500,000 patients’ protected health information. The attack is the second largest health data breach recorded by the Office for Civil Rights this year, and the largest ransomware incident recorded by OCR since it began tracking incidents in 2009.
Cyberattack Forces West Virginia Hospital to Scrap Computers
Wednesday, July 05, 2017
wsj.com
Princeton Community Hospital in rural West Virginia will scrap and replace its entire computer network after being struck by the cyberattack paralyzing computers globally.
Phishing for Photos
Wednesday, July 05, 2017
fbi.gov
Many hackers use the Internet to swindle money or to get revenge on their adversaries. But an Alabama man’s online crime was stealing women’s personal photos simply for the thrill of invading their privacy.
How to Check Your Child’s Credit Report: Step-By-Step Instructions
Wednesday, July 05, 2017
creditcards.com
Identity theft of children is often hard to detect until they turn 18. By then, however, their credit may be ruined. Here are the steps you should take when contacting the top three credit bureaus if you suspect your child is a victim of identity theft.
Yes - AA Customer Credit Card Data Was Exposed
Wednesday, July 05, 2017
grahamcluley.com
Amid criticism from the security community and growing media interest, the AA's support Twitter account went into overdrive describing the reports of a data breach on its online store as "speculation" and asserting that "credit card details have not been compromised."...But one thing's for certain. Partial credit card data of AA customers *did* leak out.
Are the Dangers of Cyberattacks Targeting School Districts Being Overlooked?
Thursday, June 22, 2017
govtech.com
Two months before the U.S. presidential election, international hackers slipped into the computer systems of at least four Florida school district networks in the hopes of stealing the personal data of hundreds of thousands of students. They infected the systems with malware — malicious software — that turned off the logs recording who accessed the systems, according to United Data Technologies, the Doral-based cybersecurity company that investigated the incidents. For three months, the hackers probed the systems, mapping them out and testing their defenses. At one point, they even posted photos of someone dressed as an ISIS fighter on two school district websites.
South Korean Hosting Firm Pays $1 Million Ransom
Friday, June 23, 2017
healthcareinfosecurity.com
South Korean web hosting firm Nayana has agreed to pay its attackers a record-shattering $1 million to unlock servers encrypted by ransomware.
Denver Identity Theft Protection Company Bought for $63 Million
Friday, June 23, 2017
9news.com
ID Watchdog, a 12-year-old Denver identity theft protection company, said it's being purchased by a Georgia firm for $63.3 million. ID Watchdog said Atlanta-based Equifax Inc., a consumer credit reporting company, is buying all of its outstanding shares for 40 cents each, or $63,335,000 in cash.
Elaborate Scam Sets up Fake 'Law Firm' to Bilk Elderly
Friday, June 23, 2017
chron.com
The estate planning lawyers on the website at Walsh & Padilla in Houston look like you would expect. Earnest. Well-groomed. Suits and ties for the men, pearls and pendants for the women. There's only one problem: Walsh & Padilla doesn't exist.
Man Arrested in Alleged Business Email Compromise Scam
Friday, June 23, 2017
local10.com
A business email compromise scheme uses compromised email accounts to convince the victims to wire transfer money that they believe is for legitimate business purposes. FDLE spokeswoman Jessica Cary said a woman in Lee County believed that she was communicating with her real estate attorney via email and transferred more than $100,000 for a real estate purchase. Cary said another woman in Pennsylvania believed that she received an email from a supervisor directing her to transfer more than $20,000 to purchase clothing.
Online Romance Scams Are Fleecing More Americans
Friday, June 23, 2017
forbes.com
...As the romance progressed, Charlie confessed to some problems of his own. He was having trouble completing a construction project in California and asked for a loan of $30,000, which he promised to pay back right away. A few months later, he needed another loan. By the time her alarmed financial adviser convinced her to contact the FBI two years later, she had sent Charlie $2 million – her entire life’s savings.
Lawmakers Told of Growing Cyber Threat to Election Systems
Thursday, June 22, 2017
thehill.com
Lawmakers on Wednesday learned that federal officials have evidence that election-related systems in 21 states were targeted by Russia ahead of the 2016 presidential election. Members of the Senate Intelligence Committee received the information amid growing concerns on Capitol Hill about the possibility of foreign interference in future electoral processes.
How 3 Hospital Breaches Went Undetected for More Than 3 Years
Thursday, June 22, 2017
healthcareitnews.com
Three healthcare information security incidents that happened more than 36 months ago were just discovered in May — highlighting the fact that hospitals continue struggling with breach detection. What’s more, the incidents were caused by employees.
Security Experts Warn Lawmakers of Election Hacking Risks
Wednesday, June 21, 2017
zdnet.com
More than a hundred security researchers and computer science experts have warned in a letter to lawmakers that not enough is being done to ensure the integrity of state and federal elections. The letter, published Wednesday, argues many US states are "inadequately prepared" to respond to cybersecurity risks with upcoming elections.
Honda Halts Japan Car Plant After WannaCry Virus Hits Computer Network
Wednesday, June 21, 2017
itsecurityguru.org
Honda Motor Co said on Wednesday it halted production at a domestic vehicle plant for a day this week after finding the WannaCry ransomware that struck globally last month in its computer network. The automaker shut production on Monday at its Sayama plant, northwest of Tokyo, which produces models including the Accord sedan, Odyssey Minivan and Step Wagon compact multipurpose vehicle and has a daily output of around 1,000 vehicles.
Republican 198M Voter Data Breach Exposes Third Party Risk
Wednesday, June 21, 2017
bna.com
A Republican National Committee data breach that led to the exposure of 198 million voter files highlights the third-party vendor data security risks faced by companies and organizations.
Homeland Security Official: Russian Government Actors Tried to Hack Election Systems in 21 States
Wednesday, June 21, 2017
washingtonpost.com
People connected to the Russian government tried to hack election-related computer systems in 21 states, a Department of Homeland Security official testified Wednesday.
6 Indicted in Wichita Identity Theft Case
Wednesday, June 21, 2017
usnews.com
A federal indictment alleges that six people from the Wichita area have been indicted in an identity theft case in which stolen mail was used to make fake identification documents and pass forged checks.
Identity Theft Scheme Used Vacation Holds, Address Change Requests to Divert Mail
Wednesday, June 21, 2017
sacbee.com
Allegedly used stolen personal identifying information to fraudulently obtain credit cards, checks and merchandise. To avoid detection, they often requested that the items be mailed to the victims’ real addresses. But the alleged conspirators then filed false vacation holds and change-of-address forms with the U.S. Postal Service to divert the items to themselves, according to the news release.
Mother Who Fled Country With Daughters Sentenced for Identity Theft
Wednesday, June 21, 2017
ottawaherald.com
A woman who pleaded guilty to forging her ex-husband’s signature on official documents when she fled to Europe with her daughters was sentenced Tuesday in U.S. District Court, Kansas City, Kansas, to three years on probation including six months home confinement.
Latest Scam Offers ‘Settlement’ From Western Union
Wednesday, June 21, 2017
ctpost.com
The emails claim to be from Maureen Ohlhausen, Acting Chairman of the FTC, but it’s a scam...The email asks you to supply your bank account information so you can get money from the government’s settlement with Western Union.
Man and Woman Use Online Dating Profiles to Target U.S. Marines in Identity Theft Scheme
Tuesday, June 06, 2017
wtkr.com
The investigation revealed that between 2013 and 2015 Martin, working with accomplices including Tykoski, created fake female identities on internet dating websites to target and lure young enlisted Marines into virtual relationships. In the course of the fraud scheme, the defendants sent text messages and emails to Marines who were deceived into believing they were in online romantic relationships. Martin and Tykoski got the victims to take out personal loans from Navy Federal Credit Union. Using the victims’ personal identification, Martin then initiated wire transfers of the loan proceeds into other accounts. Martin also withdrew funds using new lines of credit and accounts in the victims’ names. This left the victim Marines to pay off the debts.
Puppy Scam Targets People Looking for Pets Online
Tuesday, June 06, 2017
fox6now.com
Summer is a popular time to buy a puppy. As you start searching for a four-legged friend to join your family, be on the lookout for a scam that is on the rise.
Psychic Scams Steal Millions From Unwitting Victims
Tuesday, June 06, 2017
miaminewtimes.com
Annie had three evil spirits inside her. Well, actually, two: One was pregnant with a cute little baby evil spirit.
Austin Patient Info Could Have Leaked Online as Early as 2013, Local Clinic Says
Tuesday, June 06, 2017
statesman.com
A data breach at a local clinic caused the information of about 2,000 patients to leak online, the Austin doctor’s office announced Monday. Names, dates of birth, addresses, phone numbers, email addresses, medical account numbers, preferred language, race and ethnicity were disclosed, Victory Medical Center said in a news release Monday.
People Should Be Aware of the Dark Web and Its Role in Identity Theft
Tuesday, June 06, 2017
normantranscript.com
A recent survey commissioned by Experian shows that 1 out of 2 people are either unconcerned or unsure what dark web exposure could mean for their identities.
Supreme Court to Rule on Cellphone Location Privacy
Tuesday, June 06, 2017
politico.com
The Supreme Court has agreed to decide how much privacy Americans are entitled to in cellphone tracking data that can reflect their location and movement.
Federal Task Force: Here's How to Fix Healthcare Cybersecurity
Tuesday, June 06, 2017
thehill.com
“It’s not just that small- and medium-sized businesses lack funding to incentivize talent. It’s not just the growing lack of talent or encouraging people to go to rural locations. It’s all of them,” Corman said. Though the Health Insurance Portability and Accountability Act (HIPAA) requires healthcare offices to designate an employee in charge of information privacy, many have no training in cybersecurity. Some offices only employ staff in the single digits, meaning an investment in a new full-time worker to handle information security would be an untenable investment.
Computer Stolen at the Hall of Justice Puts Some at Risk for Identity Theft
Tuesday, June 06, 2017
wdrb.com
A computer stolen at the Louisville Hall of Justice puts some people at risk of identity theft. The computer used by two Assistant County Attorneys was taken from a publicly accessible conference room. Louisville Metro launched an internal investigation, after the theft was reported. With the help of an outside forensic expert, the city determined there may have been sensitive information on the computer.
Motorcycle Gang Busted for Hacking and Stealing Over 150 Jeep Wranglers
Friday, June 02, 2017
bleepingcomputer.com
US authorities say that after identifying a Jeep Wrangler, a scout would have to obtain the car's Vehicle Identification Number (VIN), a code printed in the car's dashboard, or another location on the car. Scouts would pass the VIN to their leader, who would then pass the code to a key cutter via Facebook. According to court documents, the key cutters had found a way to access a proprietary database containing replacement key codes for Jeep Wrangler models.
Inside Google’s Global Campaign to Shut Down Phishing
Friday, June 02, 2017
wired.com
Some phishing specialists believe that emphasizing user training is the real key to stopping phishing, but as Aaron Higbee, the CTO of the user-training firm PhishMe, puts it, “We need technology to do as much as it can. For Google they have to pursue that.” Focusing on technological solutions plays to Google’s strengths.
Identity Theft Feeds on Social Security Numbers Run Amok
Friday, June 02, 2017
bloomberg.com
Social Security numbers, which identify the retirement accounts Americans build up over a lifetime of paycheck deductions, are taken in the vast majority of data breaches, simply because they are ubiquitous. They're a juicy target. Together with other basic information, like name and date of birth, the Social Security number is a passport to a person's identity. Unlike a credit card number, which can be instantly canceled, the SSN serves most people for their entire lives, with some 496 million issued since the first batch of cards went out in 1936. Its use as authentication for personal accounts has expanded the opportunity for fraud.
Man Sentenced for Identity Theft in Scheme to Defraud Retirement Accounts
Friday, June 02, 2017
bankerandtradesman.com
Marseille approached Jasmine Banks, who, at the time, worked as a customer service employee at Mercer Inc. in Norwood. Marseille used Banks to obtain personally identifiable information and bank account information for individuals whose retirement accounts were administered by Mercer.
Credit Card Breach at Kmart Stores. Again.
Friday, June 02, 2017
krebsonsecurity.com
For the second time in less than three years, Kmart Stores is battling a malware-based security breach of its store credit card processing systems.
OneLogin: Breach Exposed Ability to Decrypt Data
Friday, June 02, 2017
krebsonsecurity.com
OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data.
Feds Levy $155M Fine Against Software Vendor for Faulty Patient Records
Friday, June 02, 2017
politico.com
The settlement, the first of its kind involving a health IT company, also states that Massachusetts-based eClinicalWorks paid kickbacks in exchange for promoting its product, which had flaws that may have exposed millions of patients to potential safety risks.
Medical Employee Pleads Guilty to Patient Identity Theft
Thursday, June 1, 2017
wbtv.com
Court documents say 24-year-old Keniona Thomas of Charlotte provided the personal information of more than 150 patients to her co-conspirator, Christopher Roach, who used the information to make fraudulent purchases and obtain fake driver's licenses.
How the Superhero Approach Can Help You Avoid Identity Theft
Thursday, June 1, 2017
blog.credit.com
A recent Experian study found that most people still have a lot to learn about the risk of identity theft. The majority of those surveyed felt like they were safe from identity theft, but not for the right reasons. The most popular misconception was that scammers, phishers and identity thieves only target the rich and possibly famous.
Man Sentenced to Two Years for Identity Theft
Thursday, June 1, 2017
wajr.com
He used the information to file fraudulent tax returns in Ohio, South Carolina, and Hawaii from December 2012 to May 2013.
When a Loved One Dies, How to Protect Yourself From Scams, Identity Theft and Creeps
Thursday, June 1, 2017
forbes.com
After a loved one dies, those left behind are consumed with grief and shock. Sadly this can make you a target for scammers who prey on the vulnerable, especially the widow/widower. Unfortunately most of us will lose a loved one at some point during our lifetime, but hopefully you won't encounter one of these heartless scams. This is the last thing you should have to deal with during a tragedy, so best to be safe, be aware and protect yourself should the worst happen.
Fight Against Identity Theft in Michigan Earns Federal Recognition for Unemployment Insurance Investigators
Thursday, June 1, 2017
michiganpeninsulanews.com
Between the two states (Florida and Michigan), 24 convictions, more than $2.2 million in restitution and over $1.5 million in penalties were levied against violators thanks to the efforts of Senior Regulation Agents Kurt Eggly, Todd Kangas and Jon Martin. As a result, they received the Inspector General Special Assistance Award.
Illinois State Police Warns Against Statewide Phone Scam
Thursday, June 1, 2017
bnd.com
Police said scam victims have received calls from someone claiming to be associated with Illinois State Police. The caller says he or she is seeking donations for officers who died in the line of duty.
Scam Targeting DirecTV Customers
Thursday, June 1, 2017
kvia.com
Villanueva says he didn't think anything was unusual because he received a call last week from a number identical to DirecTV and his caller ID even showed DirecTV. Villanueva says what's even more frightening is the man on the other line gave Villanueva all of his account information including his new home address. Villanueva says the man offered a two-year promotion where the customer pays $60 a month for all channels, but he needed to purchase a $300 Amazon gift card to pay for the first five months. As a gift, he would then receive a $100 gift card in return.
University of Alaska: Thousands Affected by Data Breach, Including Names, Social Security Numbers
Thursday, June 1, 2017
ktuu.com
Approximately 25,000 students, staff, and faculty members associated with the University of Alaska were affected following a successful phishing scam and subsequent data breach late last year.
Cybercrime Costs to Reach $8 Trillion by 2022
Wednesday, May 31, 2017
darkreading.com
Cybercrime costs are expected to saddle businesses with a whopping $8 trillion price tag over the next five years, as connectivity to the Internet rises but security system upgrades don't keep pace, according to a Juniper Research report.
Hackers Hide Cyberattacks in Social Media Posts
Wednesday, May 31, 2017
nytimes.com
It took only one attempt for Russian hackers to make their way into the computer of a Pentagon official. But the attack didn’t come through an email or a file buried within a seemingly innocuous document.
3 Nigerian Cyberthieves Sentenced to Total of 235 Years in Prison
Wednesday, May 31, 2017
darkreading.com
Using love-struck girlfriends found on the Internet to help them carry out their schemes, three Nigerian cyberthieves and their cohorts made off with tens of millions of dollars in pilfered goods before they were ultimately sentenced to a collective total of 235 years in prison.
Medicare Making Changes to Help Prevent Identity Theft
Wednesday, May 31, 2017
abc2news.com
The government says it's on track to meet a 2019 deadline for replacing Social Security numbers on Medicare cards with randomly generated digits and letters to protect seniors against identity theft.
Scam Artist Bilked Elderly Woman out of Life’s Savings
Wednesday, May 31, 2017
timesleader.com
Pennsylvania Attorney General Josh Shapiro Tuesday announced the arrest of a Washington County man charged with using an investment scheme to steal approximately $159,000 from a 69-year-old Lancaster County woman. Shapiro said the scam artist led the victim to believe she would face retaliation from the mafia if she did not continue giving him money. The victim lost her life’s savings to the scheme.
Alleged Con Artist Arrested for Scam That Lasted 14 Years
Wednesday, May 31, 2017
montrealgazette.com
Police are seeking possible victims of 52-year-old woman they allege has bilking gullible investors for the past 14 years.
How Can a ‘Power Surge’ Bring an Airline to a Standstill?
Wednesday, May 31, 2017
nbcnews.com
Bringing one of the world's leading airlines to a standstill may sound like the work of hackers, but British Airways has a shockingly simple explanation for last weekend's IT meltdown.
Top 100 Information Security Blogs for Data Security Professionals
Wednesday, May 31, 2017
blog.feedspot.com
The best information security blogs from thousands of top information security blogs in our index using search and social metrics.
Veterinarian Charged With Fraud, Identity Theft
Tuesday, May 30, 2017
abc11.com
Paula Bullock, owner of Affordable Animal Care on North Pointe Drive, is accused of using a customer's credit card to charge more than $36,000 in personal expenses and more than $2,500 in vet supplies from December 2016 through April 2017. Police also said Bullock used another veterinarian's identity and forged documents to obtain more than $11,700 in veterinary supplies and medications.
Attorney Charged With Witness Tampering in Connection With ID Theft Ring
Tuesday, May 30, 2017
seattletimes.com
King County prosecutors filed a witness-tampering charge Thursday against a Bellevue attorney in connection with an investigation of a Seattle-area identity-theft ring that allegedly committed millions of dollars in fraud.
Chipotle Dishes Details on Data Breach
Tuesday, May 30, 2017
darkreading.com
Chipotle has published an update following a security incident announced April 25. It has confirmed malware was used to obtain payment card data from point-of-sale devices at certain outlets between March 24, 2017 and April 18, 2017. The Mexican chain restaurant says the malware read payment cards' magnetic stripes as they were routed through POS devices.
Trump’s Dumps: ‘Making Dumps Great Again’
Tuesday, May 30, 2017
krebsonsecurity.com
It’s not uncommon for crooks who peddle stolen credit cards to seize on iconic American figures of wealth and power in the digital advertisements for their shops that run incessantly on various cybercrime forums. Exhibit A: McDumpals, a hugely popular carding site that borrows the Ronald McDonald character from McDonald’s and caters to bulk buyers.
CISOs Can't Keep Up With Flood of Data Breaches
Tuesday, May 30, 2017
healthcareitnews.com
More than 80 percent of CISOs reported that some detected data breaches are going unaddressed, and 70 percent said it is difficult to prioritize threats based on business criticality, according to a new survey of 300 chief information security officers from around the world conducted by ServiceNow, an IT vendor whose products and services include security.
Old Mutual Targeted in Data Breach
Tuesday, May 30, 2017
businesstech.co.za
Financial services company Old Mutual has notified its customers of a data breach, after it detected unauthorised entry to one of its systems which led to some personal customer information being accessed.
65-Year-Old NYC Woman Loses Life Savings in Scam
Tuesday, May 30, 2017
theroot.com
Dorothy Edge, a 65-year-old retired nanny from Brooklyn, N.Y., thought she was helping out with a good deed. Instead, however, the kindhearted elderly woman was scammed out of her entire life savings, some $28,000 in a “pigeon drop scam,” authorities say.
Don't Fall for These Common Summer Scams
Tuesday, May 30, 2017
newsweek.com
Summertime is scam time, so this is the time to brush up on your scam-ology. From moving scams to travel schemes, there's no shortage of awful things waiting to befall you.
Identity Theft, Credit Card Fraud Suspects Arrested in Raid
Wednesday, May 24, 2017
nbclosangeles.com
Eleven people were arrested in a series of early morning raids in Los Angeles and Orange counties Tuesday as part of a years-long federal identity-theft and credit card fraud probe...The warrants were served in connection with a 27-count federal indictment unsealed Tuesday detailing a credit and debit card "skimming" operation. Skimmers — small devices that can scan and store data from the magnetic strips on the back of credit and debit cards — were allegedly installed by conspirators in area restaurants, according to the indictment. The eateries were not identified.
Married Upper Dublin Business Owners Face Jail for Identity Theft Scheme
Wednesday, May 24, 2017
montgomerynews.com
A husband and wife who operated an Upper Dublin heating and air conditioning business are headed to jail together after they fraudulently used the identities of people from Montgomery, Chester and Bucks counties to open credit accounts with a financial institution.
Medical Identity Theft on the Rise - 5 Tips to Protect Your Employees and Clients
Wednesday, May 24, 2017
scmagazine.com
In the U.S., medical identities are 20 to 50 times more valuable to criminals than financial identities. According to BankRate.com, the average cost for victims of medical identity theft is $22,000 to resolve the crime.
Woman Pleads No Contest to Charges of Felony Elder Abuse, Identity Theft
Wednesday, May 24, 2017
smdailyjournal.com
Jeanine Jantoc, 45, admitted she took more than $100,000 from her parents while she was living with them in South San Francisco between 2013 and 2016.
Data Breach: The Target Cyberattack
Wednesday, May 24, 2017
nydailynews.com
One of the biggest data breaches in history, the holiday hack on Target stores affected up to one-third of all American adults. @RepMikeRogers explains how Russian cyber thieves snuck into Target's payment system through an HVAC vendor, stealing 40 million credit cards over the course of two weeks before anyone noticed.
State Attorneys General and Target Resolve Investigation of 2013 Data Breach
Wednesday, May 24, 2017
huntonprivacyblog.com
On May 23, 2017, various Attorneys General of 47 states and the District of Columbia announced that they had reached an $18.5 million settlement with Target regarding the states’ investigation of the company’s 2013 data breach. This represents the largest multi-state data breach settlement achieved to date.
Using Bitcoin to Prevent Identity Theft
Wednesday, May 24, 2017
mit.edu
At the IEEE Symposium on Security and Privacy this week, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory are presenting a new system that uses Bitcoin’s security machinery to defend against online identity theft.
Russian Cron Malware Operators Arrested Before Banking Malware Taken Abroad
Wednesday, May 24, 2017
news.softpedia.com
With the help of an Android malware, Russian cyber criminals were able to steal from local bank customers and were planning to move their operation to the rest of Europe. Twenty people were arrested as law enforcement tried to kill off the "Cron" malware campaign.
Ukrainian Hacker Gets 2 Years in Press Release Hacking Scheme
Tuesday, May 23, 2017
thehill.com
A Ukrainian hacker has been sentenced to more than two years in prison for his role in an international scheme that involved hacking unpublished news releases to net roughly $30 million in illegal profits...The scheme involved hacking into three business newswires, stealing not-yet-published press releases by public companies that contained financial information and using that information to make trades generating roughly $30 million in illegal profits.
WannaCry: Ransomware Attacks Show Strong Links to Lazarus Group
Tuesday, May 23, 2017
symantec.com
Tools and infrastructure used in the WannaCry ransomware attacks have strong links to Lazarus, the group that was responsible for the destructive attacks on Sony Pictures and the theft of $81 million from the Bangladesh Central Bank.
Private Eye Allegedly Used Leaky Goverment Tool in Bid to Find Tax Data on Trump
Tuesday, May 23, 2017
krebsonsecurity.com
In March 2017, KrebsOnSecurity warned that thieves who perpetrate tax refund fraud with the U.S. Internal Revenue Service were leveraging a widely-used online student loan tool to find critical data on consumers that allows them to claim huge refunds with the IRS in someone else’s name. This week, it emerged that a Louisiana-based private investigator is being charged with using the same online tool to glean tax data on then-presidential candidate Donald J. Trump.
Man Gets State Prison in Identity Theft Case
Tuesday, May 23, 2017
goerie.com
The bonds, which were valued at $8,000, belonged to a man who had been the victim of an “impostor scam,” in which he had lost several thousand dollars in cash and savings bonds, according to the affidavit of probable cause.
Data Breach Exposes Social Security Numbers, Concealed Weapons Holders
Tuesday, May 23, 2017
tampabay.com
Social Security numbers for up to 469 people and information about thousands of concealed weapons holders were exposed in a data breach at Florida the Department of Agriculture and Consumer Services.
DocuSign Users Sent Phishing Emails After Data Breach
Tuesday, May 23, 2017
bbc.com
Electronic signature service provider DocuSign has admitted customer email addresses were accessed in a data breach. The addresses were then targeted in a series of phishing emails from "a malicious third party."
Mastermind Sagar Thakkar's Aide Arrested in Delhi in IRS Call Center Scam
Tuesday, May 23, 2017
economictimes.indiatimes.com
A key aide of Sagar Thakkar, the alleged kingpin of the IRS scam ­­ which duped thousands of Americans of over $300 million by reaching them via call centers posing as US officials to extort money ­­ has been arrested from Delhi, Thane Police said today.
Woman Loses $41,000 in IRS Scam
Tuesday, May 23, 2017
mywebtimes.com
"The scam started when the victim, a 63-year-old woman, received a call from a man with an accent who told her she owed thousands in back taxes," Bergeron said. "The caller led her to believe her arrest was imminent and that payments must be made immediately to avoid the police serving warrants."
Fraudsters Exploited Lax Security at Equifax’s TALX Payroll Division
Monday, May 22, 2017
krebsonsecurity.com
Identity thieves who specialize in tax refund fraud had big help this past tax year from Equifax, one of the nation’s largest consumer data brokers and credit bureaus. The trouble stems from TALX, an Equifax subsidiary that provides online payroll, HR and tax services. Equifax says crooks were able to reset the 4-digit PIN given to customer employees as a password and then steal W-2 tax data after successfully answering personal questions about those employees.
Ransomware Is Likely Most Devastating Cybersecurity Threat Ever Faced
Monday, May 22, 2017
tennessean.com
The notoriety of ransomware is so great that the United States Department of Health and Human Services has issued guidance specific to this threat, and the FBI has confirmed the devastation of ransomware, indicating that no industry is immune.
WannaCry Ransomware Deadline Passes, but Few Pay Up
Monday, May 22, 2017
zdnet.com
While WannaCry hit over 300,000 organisations around the world -- including European car manufacturers, the UK's National Health Service, and government institutions in Russia and China -- and heavily impacted on productivity, only a tiny percentage of victims have given into the demands of hackers.
Woman Gets 5+ Years for Widespread Identity Theft of Freddie Mac Employees
Monday, May 22, 2017
housingwire.com
A Maryland woman will spend more than the next five years in federal prison after being convicted of stealing the identities of more than 2,000 employees and affiliates of Freddie Mac and using those identities to fund a lavish lifestyle.
EDD Former Employee Charged With Fraud, Identity Theft
Monday, May 22, 2017
northbaybusinessjournal.com
The Dept. of Justice arrested two of five defendants in an alleged fraud for unemployment benefits and identity theft using personal information of workers throughout California. Fraudulent unemployment benefits totaled more than $800,000 with more than 250 stolen identities, the DOJ alleged.
Florida Deputy Withdraws Guilty Plea in ID Theft Case
Monday, May 22, 2017
usnews.com
Authorities say Felisma used a law enforcement database to steal personal identification information of people and sold it to an accomplice. The scheme was used to obtain credit cards fraudulently.
2 Men Sentenced for Bilking Iowa Woman in IRS Scam
Monday, May 22, 2017
wqad.com
Police say Phillips and Cruz had called the woman and threatened her with arrest if she didn’t pay them money they said she owed the government.
Banking Scam Sees Fraudsters Open 'Twin' Account Next to Your Real One
Monday, May 22, 2017
telegraph.co.uk
Halifax customer Mark Mansfield discovered a criminal had opened another Halifax current account online in his name, despite the fraudster providing fabricated information about his salary and employment details.
Man Loses Thousands of Dollars After Identity Theft, Police Say
Thursday, May 18, 2017
scarsdale.dailyvoice.com
According to police, last week, the man received “an unusual” email from the company Coinbase, stating that an account had been opened in his name, using his bank account. The man told police he did not open the account and advised both the company and his bank of the email so the account could be closed. Police said that when the man subsequently checked his online accounts with Chase Bank, there were eight unauthorized withdrawals from his savings account, totaling thousands of dollars, made between April 27 and May 10 this year. There were also a series of unauthorized small credits made during that time period.
Three Suspects Arrested in Identity Theft, Counterfeit Bills Operation
Thursday, May 18, 2017
koaa.com
Deputies found $12,500 in counterfeit bills, 12 different ID cards, a 13-year-old girl who had run away from home, a sawed off shotgun and 1.5 grams of heroin. Authorities said the bills had holographic markings that passed the marker test.
N.J. Woman Charged in $2.5M Sweepstakes Scam
Thursday, May 18, 2017
nj.com
The victim, a Weatherly, Pa. woman, was tricked by phone into believing she won $2.5 million and a Mercedes from a national sweepstakes company, the report said...The victim followed instructions from someone claiming to be from the sweepstakes company's legal department and sent Morgan $555 through a Walmart money transfer. Minutes later, she received another call asking her to send Morgan a $2,500 check to cover taxes.
ICS-CERT Releases WannaCry Fact Sheet
Thursday, May 18, 2017
us-cert.gov
The Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has released a short overview of the WannaCry ransomware infections. This fact sheet provides information on how the WannaCry program spreads, what users should do if they have been infected, and how to protect against similar attacks in the future.
OCR Fines Texas Health System for Alleged HIPAA Privacy Rule Violation
Thursday, May 18, 2017
huntonprivacyblog.com
The penalty followed an OCR compliance review of MHHS based on multiple media reports suggesting that MHHS had disclosed a patient’s protected health information (“PHI”) without authorization. OCR’s review focused on an incident that occurred when a MHHS patient allegedly presented fraudulent identification and was subsequently arrested. MHHS senior management approved the publishing of a press release about the incident that contained the patient’s name, an impermissible disclosure of PHI in violation of the Privacy Rule.
FTC Releases Alert on Fraudulent Emails
Thursday, May 18, 2017
us-cert.gov
The Federal Trade Commission (FTC) has released an alert about scammers sending out fake emails that look authentic to trick you into sending money to them. Users should be suspicious of unsolicited phone calls or email messages from individuals asking about your information. If an unknown individual claims to be from a legitimate organization, try to verify his or her identity directly with the company.
Senate Approves Encrypted App Signal for Staff Use
Thursday, May 18, 2017
thehill.com
The Senate Sergeant at Arms has approved the encrypted messaging app Signal for lawmakers and staff. The move was first noticed by the tech publication ZDNet in a letter from Sen. Ron Wyden (D-Ore.) thanking Sergeant at Arms Frank Larkin for the decision. In a letter last week, the senator thanked Larkin for improving the security of Senate websites and also praised him for “the recent announcement by your office that the end-to-end encrypted messaging app Signal is approved for Senate staff use.”
Woman Accused in Multi-State Identity Theft Scam, Police Say
Thursday, May 18, 2017
wapt.com
Officers said they found several fraudulent forms of ID, stolen credit cards and checks on Anthony when she was arrested. She also had several wigs.
Thousands of Patient Records Leaked in New York Hospital Data Breach
Friday, May 12, 2017
nbcnews.com
Medical records of at least 7,000 people compromised in a data breach involving Bronx Lebanon Hospital Center in New York disclosed patients' mental health and medical diagnoses, HIV statuses and sexual assault and domestic violence reports, according to records reviewed by NBC News. Other information in the compromised records, which online security experts said spanned 2014 to 2017, included names, home addresses, addiction histories and religious affiliations.
Robocalls Flooding Your Cellphone? Here’s How to Stop Them
Friday, May 12, 2017
nytimes.com
An unfamiliar number appears on your cellphone. It’s from your area code, so you answer it, thinking it might be important. There is an unnatural pause after you say hello, and what follows is a recording telling you how you can reduce your credit card interest rates or electric bill or prescription drug costs or any of a number of other sales pitches. Another day, another irritating robocall. If it feels as if your cellphone has increasingly been flooded with them, you’re right.
The Google Docs Phishing Scam: A Win for Security Awareness
Friday, May 12, 2017
tripwire.com
Even if you weren’t aware of it, you likely contributed to the security awareness of the global Internet community in early May 2017. By now, you’ve undoubtedly heard of the phishing scam using a phony Google Docs third-party extension. Across all sectors of social media, word spread like wildfire.
In the Grey Area Between Espionage and Cyberwar
Friday, May 12, 2017
zdnet.com
Nation-state backed hackers continue to probe the defence, government and private sector networks on a daily basis, according to the head of the US military cyber forces, and understanding their intentions is a key challenge. While espionage is the most likely aim, there is also concern that some of these incidents could be preparation for future attacks, according to Admiral Michael Rogers, head of US Cyber Command in testimony to the US Senate Committee on Armed Forces.
Over 80 Percent of Americans Are More Worried About Privacy, Security Than a Year Ago
Friday, May 12, 2017
esecurityplanet.com
More than 80 percent of Americans are more concerned about their online privacy and security today than they were a year ago...And more than 95 percent are concerned about companies collecting and selling their personal information without their consent, a recent survey found.
Central OH Group Charged With Running Identity Theft Ring
Friday, May 12, 2017
circlevilleherald.com
The 24-count indictment alleges that from January 2014 until January 2016 the group bought store merchandise after fraudulently obtaining new and using existing credit from retail stores. McCauley allegedly obtained victims’ social security numbers and dates of birth. Afterwards, he ran their credit history reports from websites like creditkarma.com.
Chinese Hackers Must Pay $9M Over Insider Trading Scam
Friday, May 12, 2017
bbc.com
The US Securities Exchange Commission (SEC) said Iat Hong, 26, Bo Zheng, 30, and Hung Chin, 50, breached the websites of US law firms and accessed confidential information about mergers and acquisitions.
NatWest Text Message Scam Is Allowing Fraudsters to Steal Bank Customers' Cash
Friday, May 12, 2017
independent.co.uk
NatWest customers are being warned about a new ‘smishing’ scam that allows fraudsters to steal their cash. The new type of scam, sees criminals sending unsuspecting victims a text message that appears to be sent from their bank.
Military Cadets Battle the NSA in Mock Cyberwar Games
Thursday, May 11, 2017
cnet.com
The US is a prime target for cyberattacks in the new age of digital warfare. Here's how officers-to-be are preparing for the future.
Texas Health System Settles Potential HIPAA Disclosure Violations
Thursday, May 11, 2017
hhs.gov
Memorial Hermann Health System (MHHS) has agreed to pay $2.4 million to the U.S. Department of Health and Human Services (HHS) and adopt a comprehensive corrective action plan to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule.
Rounding up Foreign Lottery Scammers
Thursday, May 11, 2017
consumer.ftc.gov
Just last week, the US Department of Justice (DOJ) announced that eight Jamaicans were extradited to the US and now are in custody in North Dakota. These eight people were charged with using a lottery scam to trick at least 90 people out of more than $5.7 million dollars.
Patient Portal Flaw Exposes Lab Records
Thursday, May 11, 2017
healthcareinfosecurity.com
A recent patient portal security mishap at a Texas-based cancer testing laboratory is the latest reminder of the need to safeguard sensitive health information on web-based applications and websites.
Bank of America Text Message Phishing Scam Resurfaces
Thursday, May 11, 2017
abc11.com
A Bank of America (BOA) phishing scam is making its way back onto the screens of mobile users.
Woman Pleads Guilty to Fraud, Identity Theft
Thursday, May 11, 2017
lakenewsonline.com
Bernstein opened accounts at Central Bank of the Lake of the Ozarks and at Landmark Bank in the names of persons whose names and Social Security numbers she obtained without their permission or knowledge. Bernstein admitted she altered the payee on some of the stolen checks she obtained in order to cash them in the names of a mother and daughter in California whose identities she had stolen.
Harrisburg Gastroenterology Victim to Data Breach — 93K Records Potentially Exposed
Thursday, May 11, 2017
beckersasc.com
The potential information contained names, demographic information, Social Security numbers, health insurance numbers, diagnostic information and clinical information.
Ohio AG Warns Consumers of Online Puppy Scams
Thursday, May 11, 2017
fox45now.com
If you're looking to add a four-legged friend to the family, the Ohio Attorney General has a warning for you.
FTC Launches Cybersecurity Resource Website for SMBs
Wednesday, May 10, 2017
darkreading.com
The Federal Trade Commission rolled out a website this week for small businesses that provides tips and resources on cybersecurity. The new ftc.gov/SmallBusiness website aims to help small businesses protect their networks and systems from cyberattacks, as well as protect customer and employee data. Access to the FTC's tips and advice are free.
SSA.GOV to Require Stronger Authentication
Wednesday, May 10, 2017
krebsonsecurity.com
The U.S. Social Security Administration will soon require Americans to use stronger authentication when accessing their accounts at ssa.gov. As part of the change, SSA will require all users to enter a username and password in addition to a one-time security code sent their email or phone. In this post, we’ll parse this a bit more and look at some additional security options for SSA users.
How America's Small Businesses Can Become Cyber Savvy and Scam-Free
Wednesday, May 10, 2017
thehill.com
As acting chairman of the U.S. Federal Trade Commission (FTC) and administrator of the U.S. Small Business Administration (SBA), our joint mission is to help businesses focus on business. That’s why we’ve teamed up to develop tools so companies take on two of their biggest concerns: fraud and cyber threats.
Identity Theft Ring Busted After Suspects Spend $150K at Macy’s
Wednesday, May 10, 2017
nypost.com
An identity-theft ring was busted Tuesday for using forged credit cards to rack up $150,000 in luxury cosmetics at Macy’s flagship store in Herald Square, officials said. The six defendants allegedly used credit car??d information stolen from more than a dozen customers at major banks...
Woman, Pushing Tot in Cart, Commits Identity Theft at Walmart
Wednesday, May 10, 2017
nbcsandiego.com
The woman placed an order for groceries via the Walmart smartphone app using a stolen credit card number. She picked up the items at the Santee store.
Thousands Potentially Exposed to Identity Theft After County Published Sensitive Information Online
Wednesday, May 10, 2017
thedenverchannel.com
The Larimer County Clerk and Recorder's office made sweeping changes to how it conducts business amid a Denver7 investigation, which revealed how officials had published sensitive information belonging to thousands of people online for months.
$10-Million Identity Theft Ring Busted After Joint U.S.-Canada Investigation
Wednesday, May 10, 2017
huffingtonpost.ca
Police say they've busted an identity theft ring in the Toronto area that allegedly caused $10 million in losses to residents in Canada and abroad. The cross-border investigation — dubbed Project Royal — involved Toronto police, the RCMP, several provincial ministries and U.S. agencies.
Second Circuit Affirms Dismissal of Putative Data Breach Class Action for Lack of Article III Standing
Wednesday, May 10, 2017
huntonprivacyblog.com
On May 2, 2017, the United States Court of Appeals for the Second Circuit issued a summary order affirming dismissal of a putative data breach class action against Michaels Stores. The plaintiff’s injury theories were as follows: (1) the plaintiff’s credit card information was stolen and twice used to attempt fraudulent purchases; (2) the risk of future identity fraud and (3) lost time and money resolving the attempted fraudulent charges and monitoring credit. The plaintiff, however, quickly cancelled her card after learning of the unauthorized charges and did not allege that she was held responsible for any of those charges.
Hackers Find Celebrities’ Weak Links in Their Vendor Chains
Tuesday, May 09, 2017
nytimes.com
In December, hackers impersonating an executive at Interscope Records, the record label owned by Universal Music Group, managed to bypass all the latest in digital defenses with a simple email. In a carefully tailored message, the hackers urged an executive at September Management, a music management business, and another at Cherrytree Music Company, a management and record company, to send them Lady Gaga’s stem files — files used by music engineers and producers for remixing and remastering.
Privacy Awareness Week: A Time to Learn
Wednesday, May 10, 2017
consumer.ftc.gov
Privacy Awareness Week is May 8-12, 2017. It’s an annual initiative of the Asia Pacific Privacy Authorities Forum that combines the efforts of privacy agencies in the region to share information about privacy practices and rules.
Consumer Blames Reporting Agencies for Identity Theft
Tuesday, May 09, 2017
setexasrecord.com
A consumer is suing reporting agencies, alleging false reporting. Kristine Castillo filed a complaint May 4 in the Houston Division of the Southern District of Texas against Equifax Information Services LLC, Experian Information Solutions Inc., TransUnion LLC, Harvest Associates Inc., et al, alleging they violated the Fair Credit Reporting Act. According to the complaint, Castillo was a victim of identity theft. The suit says as a result of the defendants providing false information to third parties, this information negatively reflects on Castillo's credit history, financial responsibilities and credit worthiness.
Police: Transit District Employee Stole $20K Through Identity Theft
Wednesday, May 10, 2017
norwalk.dailyvoice.com
Weeks manipulated payroll, adding hours to a certain employee's pay, which generated a separate paycheck, police said. He then stole these checks and forged the employee's signatures in order to deposit them, according to police.
Police Warn of Ongoing Phone Scams Affecting Residents
Wednesday, May 10, 2017
abc7.com
Yucaipa police are warning residents to be aware of ongoing scams involving phone calls from people posing as Edison, FBI and San Bernardino sheriff's officials.
FBI/IC3: Vile $5B Business E-Mail Scam Continues to Breed
Wednesday, May 10, 2017
networkworld.com
The FBI’s Internet Crime Complaint Center (IC3) this week said the plague it calls the Business Email Compromise continues to rack-up victims and money – over 40,000 worldwide victims and $5 billion in the latest count.
Monson Resident Falls Victim to IRS Scam, Turns $1,000 Over to Caller
Tuesday, May 09, 2017
masslive.com
The resident received the scam telephone call and was told he must pay $1,000 or risk a warrant being issued for his arrest, Monson Police officials said. "The resident followed the caller's instructions and immediately went out to purchase a gift card in the amount of $1,000," police said.
Identity Theft: Planning for the Future
Monday, May 08, 2017
ftc.gov
On May 24, 2017, the Federal Trade Commission will host an all-day conference to take a comprehensive look at how identity theft has evolved over the last decade and what we can do to address this challenge in the future.
Cybersecurity Reports Agree on Espionage, Differ on Public-Sector Data Breaches
Monday, May 08, 2017
govtech.com
Two studies of Internet security released within one day of each other had many similar findings, primarily that the public sector generally fared no better or worse than retail, business and other areas last year — but it continues to be a significant target for cyber- espionage and email-based attacks, though not necessarily other common U.S. attacks like identity theft.
Government Organizations Targeted in "Netrepser" Attacks
Monday, May 08, 2017
securityweek.com
A report published by Bitdefender on Friday details a previously undocumented cyber espionage campaign that leverages a piece of malware dubbed “Netrepser” to target government organizations.
Ontario Government Scrambling After Printing Mistake Causes Data Breach
Monday, May 08, 2017
ottawacitizen.com
The provincial government is scrambling to notify thousands of Ontarians that they have been victims of a data breach that has exposed the health card numbers, birth dates and homes addresses of at least 5,600 people.
How to Protect Your Privacy as More Apps Harvest Your Data
Monday, May 08, 2017
nytimes.com
For consumers, giving up some data has become part of the trade-off of receiving compelling, personalized services. But that doesn’t mean you have to be caught by surprise. Here are some tips from privacy experts on protecting yourself from tricky data collection.
Homeland Security Issues Warning on Cyberattack Campaign
Monday, May 08, 2017
healthcareinfosecurity.com
The Department of Homeland Security is warning IT services providers, healthcare organizations and three other business sectors about a sophisticated cyberattack campaign that involves using stolen administrative credentials and implanting malware, including PLUGX/SOGU and RedLeaves, on critical systems.
Assessing the Latest Draft Cybersecurity Executive Order
Monday, May 08, 2017
govinfosecurity.com
The latest draft version of the Trump administration's cybersecurity executive order is similar to the previous version and lays out a plan to secure U.S. federal government and critical infrastructure IT that could have come out of the Barack Obama White House, including modernizing federal IT.
Bank Account Hackers Used SS7 to Intercept Security Codes
Monday, May 08, 2017
bankinfosecurity.com
Hackers have exploited the Signaling System #7 international telecommunications signaling protocol as part of a two-stage attack designed to drain money from online bank accounts.
Cop Pleads Guilty in Identity Theft Scam
Friday, May 05, 2017
miami.cbslocal.com
A former Hialeah police officer accused of using a confidential driver’s license data base to access personal information in an identity theft scheme has pleaded guilty to corruption charges. Raul Castellon, 38, admitted in court documents using Florida’s Driver and Vehicle Information Database in 2016 to access identities of at least 25 people. Those identities were passed to co-conspirators who used them to buy goods with credit cards that were later sold for cash.
Email Scam Targets Homebuyers
Friday, May 05, 2017
wfmynews2.com
A Minnesota couple lost more than $200,000 in a sophisticated email scam authorities say is sweeping the country...Authorities say what happened to Tadevich and his wife should be a warning to anyone who uses email or does some of their banking online.
Debenhams Data Breach Underlines Need for Supply Chain Security
Friday, May 05, 2017
computerweekly.com
Debenhams is contacting 26,000 customers whose personal data is believed to have been exposed in a malware-enabled cyber attack on Ecomnova, which runs the Debenhams Flowers online florist.
Windows Backdoor Malware Disguises Itself as Adobe Flash on macOS
Friday, May 05, 2017
9to5mac.com
A new piece of backdoor malware originally discovered on Windows has found a new home in macOS. Disguising itself as a legitimate Adobe Flash Player installer, the malware burrows into pre-existing macOS folders making it harder to spot. Having used a valid developer’s certificate, the malware was set to run free on macOS even with Gatekeeper enabled.
Garage Burglary Leads Detectives to Identity Theft Operation
Friday, May 05, 2017
sacbee.com
Detectives learned that the identifying information of victims in the case had been stolen in various ways, including stolen mail, purses or wallets taken from cars, or during residential burglaries.
Southern California Edison Warns of 'ID Spoofing' Scam
Friday, May 05, 2017
keyt.com
Energy company Southern California Edison is warning residents about a rash of scam phone calls. The scam involves using special equipment to "spoof" or falsify caller ID information. Calls appear to be coming from Southern California Edison but are actually from a scammer. The scammer may pose as an SCE employee in order to obtain personal information or convince the recipient to purchase special products.
How a Suburban Man Fell Victim to Online Romance Scam
Friday, May 05, 2017
dailyherald.com
The 58-year-old man's troubles began in March, when he started corresponding via Facebook with a woman who told him she lived in Ohio, said Sugar Grove Police Chief Pat Rollins.
Fake Police Targeting Tourists in Wallet Scam
Friday, May 05, 2017
devonlive.com
Tourists are being targeted by fake police officers who check their wallets - only to return them with cash missing.
Hacker Arrested for Stealing $100 Million From Facebook and Google
Friday, May 05, 2017
esecurityplanet.com
Evaldas Rimasauskas allegedly used phishing attacks to trick the companies into transferring tens of millions of dollars to accounts he controlled.
Facebook Adds 3,000 Employees to Screen for Violence as It Nears 2 Billion Users
Friday, May 05, 2017
washingtonpost.com
Zuckerberg said that the social network is hiring 3,000 additional workers to its “community operations” team, which will field reports from users who flag inappropriate material on the site. The company would then have 7,500 workers on its global team. The new reviewers “will also help us get better at removing things we don't allow on Facebook like hate speech and child exploitation,” Zuckerberg said. Facebook will keep working with community groups — such as suicide prevention groups — and law enforcement to offer assistance to those who post or are seen in the videos who may need help, he said.
Who's Really Calling?
Friday, May 05, 2017
consumer.ftc.gov
The millions of people who reported scams last year told us that imposters were the top fraud of the year. Imposters have called many of us – maybe even most of us, pretending to be anyone from the IRS to a family member in trouble, from fake tech “help” for your computer to a business selling things that turned out to be bogus. Their goal? To get your money as quickly as possible.
TheDarkOverlord Dumps 180,000 Patients’ Records From 3 Hacks
Friday, May 05, 2017
databreaches.net
While thousands of their followers on Twitter seem to be eagerly waiting for TheDarkOverlord (TDO) to dump more tv films or episodes of popular series, TDO went non-fiction this morning, dumping patient/medical records from some of their hacks in the healthcare sector last year. All told, almost 180,000 patients had their personal information shared with the world.
Callers Claiming to Be From Boulder County Colorado Sheriff’s Office
Friday, May 05, 2017
kdvr.com
The district attorney’s office issued a new scam warning Thursday, saying there has been a “huge surge” in the number of people reporting calls from scammers claiming to be with the Boulder County Sheriff’s Office.
Police Investigating Card Skimming Scam at Gas Station
Friday, May 05, 2017
dailyitem.com
State Police Trooper Jared S. Mowen said they discovered a card skimming device at the Sunoco after several victims reported they found fraudulent charges on their credit and debit cards between April 4 and 30.
Lottery Scam Targeting Seniors Sends Man to Prison for 5 Years
Friday, May 05, 2017
buffalonews.com
With every promise of a multimillion-dollar sweepstakes prize came a quid pro quo – which is why a 72-year-old Western New York man coughed up $100,500 in savings to a stranger. And he wasn't alone.
Grandmother Likely Won’t Recover $150K Lost in Scam
Friday, May 05, 2017
wpri.com
Police in Rhode Island say they’re trying to recover $150,000 that a grandmother lost in a scam, but, at this point, there is little they can do. The Westerly Sun reports the Westerly woman transferred the money to Hong Kong, believing she was investing in a company. When her family found out, they called police, who determined the company does not exist.
House Judiciary to Tackle Email Privacy, Spy Rules
Thursday, May 04, 2017
fcw.com
Moving the Email Privacy Act, renewing Section 702 of the Foreign Intelligence Surveillance Act, updating copyright laws and addressing data stored overseas are some of the items on the House Judiciary Committee's newly announced innovation and competitiveness agenda.
Sheriff's Reserve Commander Pleads Guilty to Identity Theft
Thursday, May 04, 2017
clickondetroit.com
A commander with the Wayne County Sheriff's Reserve Division pleaded guilty Wednesday to charges related to his day job as a car salesman. Cmdr. Wilson Roberts pleaded guilty to identity theft and obtaining a signature with the intent to defraud.
Missing Vehicle Links to Woman’s Identity Theft Case
Thursday, May 04, 2017
thisweeknews.com
When the car was not returned, the manager called the woman using the phone number the business had been given, but the woman who answered said she had no knowledge of a car being rented in her name and she was not the person who had made the transaction.
Atlanta Rapper Caught in Coffee House Sting, Charged in Elaborate Scam
Thursday, May 04, 2017
11alive.com
An Atlanta rapper is at the center of what investigators are calling an elaborate scam involving high-end vehicles, stolen identities, and a coffee house sting.
Lawmakers Warn of Scam Tied to Phony Veterans Program Line
Thursday, May 04, 2017
usnews.com
Maine's congressional delegation is warning residents of a phone scam where impostors try to imitate the Veterans Choice Program phone line.
Possible Data Breach at Harrisburg Gastroenterology
Thursday, May 04, 2017
fox43.com
The patient information in question includes names, demographic information, Social Security numbers, health insurance information, diagnostic information, and clinical information.
Lawsuit Looms in Wake of Massive School System Data Breach
Thursday, May 04, 2017
covingtonleader.com
A $19 million lawsuit has been filed in the federal court against the Tipton County Board of Education following a January data breach. The class action suit alleges a board of education employee acted willfully with gross negligence, releasing confidential information to a third party. On Jan. 23, the board of education received a phishing email from a third party in which the sender posed as director of schools Dr. William “Buddy” Bibb, asking for all employee W2 information. The email sent by the employee contained PDF files of nearly 2000 employee names, addresses, social security numbers nature of income, source of income, amounts of income, deductions, exemptions, tax withholdings and tax payments.
Fitchburg Data Breach Discovered
Thursday, May 04, 2017
sentinelandenterprise.com
City officials discovered last month the Social Security numbers of 1,800 state residents were released in a breach of city records three and a half years ago, according to a report filed with the Massachusetts Office of Consumer Affairs and Business Regulation.
Nearly Half of Federal IT Managers Report Breach in Last Six Months: Research
Thursday, May 04, 2017
thehill.com
Forty-two percent of high-level federal IT managers surveyed in new research reported experiencing a data breach in the last six months. According to the survey released by cybersecurity company BeyondTrust on Wednesday, 1 in 8 said their systems weathered a data breach in the last 30 days. The research comes as lawmakers raise concerns about the vulnerability of federal government systems to criminal hackers and nation-state spies.
Greenway Health Still Struggling With Ransomware Attack
Thursday, May 04, 2017
healthdatamanagement.com
A ransomware attack last week against hospital and ambulatory electronic health records vendor Greenway Health affected 400 client organizations using the vendor’s Intergy cloud-hosted platform. Half of those affected clients have had their EHR services restored, with the rest reverting to manual processes in the hope of full restoration by today, says Greg Schulenburg, Greenway Health’s COO.
Gang Members, Others Accused of Running Counterfeit-Check Ring
Thursday, May 04, 2017
wsj.com
More than 30 gang members are accused of operating a counterfeit-check ring that stole $1 million from major banks and recruited young bank-account-holders through social media, Manhattan District Attorney Cy Vance Jr. said on Wednesday.
Man Found Guity of Stealing $74K in Identity Theft Case
Thursday, May 04, 2017
nj.com
The investigation revealed that Cousar used the victim's stolen identifying information to open fraudulent online banking and fraudulent checking accounts in the victim's name. He then transferred money from the victim's legitimate savings account to the fraudulent accounts he controlled.
Identity Theft Leader Avoids Prison Time
Thursday, May 04, 2017
villagerpublishing.com
In a statement issued after the court’s decision, District Attorney George Brauchler noted the lack of minimum prison-sentencing requirements in such cases. “Colorado’s criminal laws are inequitable and need to be modernized to reflect the realities of identity theft and financial crime,” he said. “When a person steals $100 from someone at the end of a gun barrel just one time, he faces mandatory prison. But when someone steals numerous individuals’ identities, financial security and nearly $90,000 through repeated and prolonged acts of theft, fraud and deceit … he gets a halfway house.”
Data Breach of North Texas Company Could Affect Hotel Customer Payment Information
Thursday, May 04, 2017
nbcdfw.com
Southlake-based Sabre Hospitality Solutions says someone hacked its hotel reservation system. Sabre provides reservation system services for more than 36,000 properties.
Healthcare Breaches Hit All-Time High in 2016
Wednesday, May 03, 2017
darkreading.com
A record-breaking 328 healthcare businesses reported data breaches in 2016, surpassing the record of 268 set one year prior. Healthcare records of about 16.6 million Americans were exposed due to hacks, lost or stolen devices, unauthorized disclosure, and other activity.
Breach at Sabre Corp.’s Hospitality Unit
Wednesday, May 03, 2017
krebsonsecurity.com
Breaches involving major players in the hospitality industry continue to pile up. Today, travel industry giant Sabre Corp. disclosed what could be a significant breach of payment and customer data tied to bookings processed through a reservations system that serves more than 32,000 hotels and other lodging establishments.
California Auto Loan Firm Spills Customer Data
Wednesday, May 03, 2017
bankinfosecurity.com
A California financing company exposed up to 1 million records online that contained names, addresses, fragments of Social Security numbers and data related to vehicle loans, according to a researcher's report. The information, now offline, could be used for ID theft.
The Average DDoS Attack Cost for Businesses Rises to Over $2.5 Million
Wednesday, May 03, 2017
zdnet.com
DDoS campaigns are on the rise and the enterprise can now expect a bill of at least $2.5 million every time they become a victim. The mere threat of a distributed denial-of-service (DDoS) attack can cause businesses to sweat, and in some cases, cybercriminals earn big money just by threatening a company with a future attack unless they pay protection fees.
Facebook to Hire 3000 Employees to Review Content for Crime and Suicide
Wednesday, May 03, 2017
thehill.com
Facebook CEO Mark Zuckerberg announced on Wednesday that the company will hire 3,000 new employees to review its videos for crime and suicides.
Motel Was the Base for Identity Theft Crew, Police Say
Wednesday, May 03, 2017
dailybulletin.com
When police officers witnessed a man pushing a woman out of a motel, it led to the arrest of four people and recovery of stolen property and the equipment used to create fake IDs.
Woman Sentenced for $1.5 Million Embezzlement Schemes, Identity Theft
Wednesday, May 03, 2017
lstribune.net
Webb admitted that she embezzled at least $1,526,594 in total from Garmin International, Black and Veatch and TriStar Benefit Administrators over the course of four years, 2012 through 2016. Webb registered a business in the name of “Beauty Within Me” and opened a bank account in the name of the business. She then utilized this bank account to divert money stolen from her victims.
Fraud Probe as Facebook Scam Group Uses Stolen Credit Card Details to Offer Cut-Price Domino’s Pizza Deals
Wednesday, May 03, 2017
thesun.co.uk
The groups lure in takeaway fans with claims they use vouchers and discounts to arrange ultra-cheap orders – but customers are now being warned stolen credit cards may have been used to pay for the food.
Mexican Man Sentenced to 3 Years in Prison for Identity Theft
Tuesday, May 02, 2017
wcfcourier.com
At that time (of arrest), Hernandez-Espinoza turned over to agents identification documents, including a birth certificate, all in the name of the U.S. citizen whose identity he knowingly used. During the sentencing, he admitted that between 2011 and 2015, he was convicted eight times in Iowa and Minnesota of using the name of the U.S. citizen, including after being arrested for criminal sexual conduct and domestic abuse assault.
Men Sentenced in Mortgage Identity Theft Scam
Tuesday, May 02, 2017
warwickpost.com
Between 2007 and 2014, the defendants conspired to execute a scheme, which caused prospective homebuyers to obtain mortgages from financial institutions based upon materially false loan applications and fraudulent supporting documentation. As part of the conspiracy, false representations were made in order to obtain fees to which the defendants were not entitled or to make a profit selling property in which they had an ownership interest. In some instances, thousands of dollars were fraudulently obtained by misrepresenting on a HUD form the amount of funds due or to be paid to one of the parties involved in a transaction. In numerous instances, the defendants concealed their involvement in the scheme by conducting business under the names of several different entities and individuals. At times, the defendants used stolen identities to further the fraud and to conceal their connection to the real estate transactions.
Two Central PA Medical Practices Report Potential Data Breach
Tuesday, May 02, 2017
lancasteronline.com
Harrisburg Endoscopy & Surgery Center Inc. and Harrisburg Gastroenterology Ltd., both located at 4760 Union Deposit Road in Dauphin County, have identical notices on their websites about what they term a "privacy incident."
One-Third of Federal Agencies Reported Data Breaches in 2016
Tuesday, May 02, 2017
darkreading.com
One-third of federal government agencies reported experiencing a data breach in the last year, and 65% have experienced one in the past, according to the 2017 Thales Data Threat Report, Federal Edition. Nearly all (96%) respondents consider themselves "vulnerable" to data breaches; about half (48%) state they are "very" or "extremely" vulnerable.
Financial Services Sector the #1 Target of Cybercriminals
Tuesday, May 02, 2017
darkreading.com
The IBM X-Force Threat Intelligence Index discovered financial services topped the list of industry-specific targets, with 65% more attacks than the average organization across all industries. Attacks on the sector increase 29%, from 1,310 in 2015 to 1,684 in 2016. "The primary goal is money," says Dave Hylender, senior network engineer at Verizon. "That is the driving force behind most of these attacks."
Verizon Finds Phishing Attacks, Malware Top Data Breach Causes
Tuesday, May 02, 2017
healthitsecurity.com
Increased propriety research, prototypes, and amounts of confidential personal data have all helped fuel cyberespionage attacks, such as phishing attacks, according to a recent Verizon report.
Security Warnings as "10 Concerts" Lists, Free Coupon Scams Go Viral on Facebook
Tuesday, May 02, 2017
cbsnews.com
Concert-goers and shoppers are being warned about two unusual security risks on Facebook that have been going viral in the past few weeks. One involves fake coupons claiming to offer deals ahead of Mother's Day, which have been directing users to a survey site intended to steal information.
Man Accused of Scam Targeting Elderly Victims
Tuesday, May 02, 2017
tampabay.com
A 28-year-old handyman is accused of taking money from three elderly people for work he never completed, and Pinellas County sheriff's detectives think there may be more victims.
Bed Bath & Beyond Warns of Mother's Day Coupon Scam
Monday, May 01, 2017
wtsp.com
Another coupon that's just too good to be true on Facebook. You can't help but click it..but don't. The fake coupon says Bed Bath and Beyond offering $75 off in-store purchases. The ad claims it's celebrating Mother's Day.
Watch Out! There Are Apple ID SMS Phishers About!
Monday, May 01, 2017
grahamcluley.com
It's not just your bank accounts that online criminals are keen to break into. They would quite like to hijack your Apple ID credentials too. A number of people have reported receiving a text message from "AppleInc" over the weekend, claiming that their Apple IDs was about to expire - and urging them to click on a link if they wanted to keep it.
Pekin High School Subject of Cyberattack
Monday, May 01, 2017
pjstar.com
Pekin officials discovered the problem Monday. Sometime Sunday, a hacker apparently used malware to infect the school’s computers. Pekin officials have no idea who it was; Owens believed it might even be a non-American entity. The hacker used encryption to make it impossible for Pekin representatives to access information stored in the system. In return for unlocking it, the saboteur demanded a ransom — $37,000, according to Owens. It was not paid.
Malware Shuts Down Virginia State Police Email
Monday, May 01, 2017
scmagazine.com
The Virginia State Police network Wednesday was hit with a malware attack which shut down the department's email services. The attack also affected the department's ability to update the Virginia Sex Offender and Crimes Against Children Registry website and forced the department to suspend email services between 8 p.m. Wednesday and until noon Thursday, according to The Virginian-Pilot.
Identity Theft Is Alive and Well--And Fraudsters Keep Getting Richer
Monday, May 01, 2017
techrepublic.com
Last year, cyber criminals netted 16 billion dollars in the US alone. Find out why fraudsters are so successful and what you can do to stay safe.
Trio Attempting to Commit Identity Theft Behind Bars
Monday, May 01, 2017
patch.com
After learning Sebelius was on probation, the trio were detained and a check of the vehicle uncovered numerous "credit cards, California driver's licenses, ID cards, blank business checks, issued cashier's check, a U.S. passport and other miscellaneous mail and paperwork not addressed to any of the subjects," Gaskins said.
For Mesquite Thieves, Unlocked Cars Became the Keys to Identity Theft
Monday, May 01, 2017
dallasnews.com
Police say two suspects in Mesquite turned the city's most common crime — vehicle break-ins — into a much greater opportunity, using information they found in unlocked cars to steal identities.
Man Charged With Defrauding Parents, Identity Theft
Monday, May 01, 2017
ctvnews.ca
The pair noticed many unauthorized withdrawals from their bank accounts. They soon discovered forged cheques and a new credit card opened in their names, as well as items allegedly stolen from their home.
Blind Trust in Email Could Cost You Your Home
Friday, April 28, 2017
krebsonsecurity.com
The process of buying or selling a home can be extremely stressful and complex, but imagine the stress that would boil up if — at settlement — your money was wired to scammers in another country instead of to the settlement firm or escrow company. Here’s the story about a phishing email that cost a couple their home and left them scrambling for months to recover hundreds of thousands in cash that went missing.
9 Essential Tools for the Security-Conscious Mobile Worker
Friday, April 28, 2017
cio.com
The highly digitized and hyper-connected world that we live in today has heightened the security stakes for us all. But if work frequently takes you away from the home office, you have some particular security and privacy concerns.
IRS and Immigration Officials Impersonated in Call Center Scam
Friday, April 28, 2017
darkreading.com
With stolen data and a call center based in India, a group of thieves impersonated Internal Revenue Service and US Citizenship and Immigration Services officials to scare money out of US residents.
Verizon DBIR: Ransomware Incidents Surge, Education a Hot Bed for Data Breaches
Friday, April 28, 2017
zdnet.com
Ransomware incidents have surged 50 percent from a year ago, educational institutions are becoming a playground for cyber espionage, and 68 percent of healthcare security threats are internal, according to Verizon's 2017 Data Breach Incident Report (DBIR).
Owner of Immigration Services Business Headed to Prison for Identity Theft
Friday, April 28, 2017
sacbee.com
The owner of an immigration services business in Gold River has been sentenced to two years in prison for an identity theft scheme that involved filing a fraudulent tax return.
Ransomware Payout Doesn't Pay Off
Friday, April 28, 2017
darkreading.com
Ransomware, ironically, is a crime based on trust. Victims pay attackers who compromise their data with an expectation it will be returned to them. Unfortunately, a growing number of ransomware targets pay thousands of dollars to get their data back, but receive nothing.
IRS Employee Indicted for Identity Theft
Friday, April 28, 2017
accountingtoday.com
A grand jury in Georgia has indicted an Internal Revenue Service employee for stealing taxpayers’ identities and filing for tax refunds with their names.
Utah Family Warns of Terrifying ‘Virtual Kidnapping’ Scam
Thursday, April 27, 2017
wnep.com
“I heard a young girl crying saying ‘daddy, daddy I'm scared,’ then the kid voice went away and a man came on and told me he kidnapped my daughter and if I ever wanted to see her again I would not tell anybody or hang up,” Weber told Fox 13. “The guy sounded serious.”
The FTC Won’t Offer to Fix Your Computer
Thursday, April 27, 2017
consumer.ftc.gov
"Some cons send pop-up computer warnings to pitch unnecessary – and sometimes harmful – tech support services. Some make phone calls. Others – like one scammer the FTC just sued – send spam emails that falsely claim the FTC hired them to help remove problem software."
Penetration Testing: DIY or Hire a Pen Tester?
Thursday, April 27, 2017
esecurityplanet.com
"A penetration test, when carried out by outside experts, is the best way to establish how vulnerable your network is from a malicious hacker attack. But while thorough, third-party penetration testing can be expensive and is effectively out of date as soon as you make changes to your infrastructure or as new vulnerabilities that affect it are discovered."
Social Security Numbers Must Be Removed From Medicare Cards by April 2019
Thursday, April 27, 2017
cnbc.com
"Under the Medicare Access and CHIP Reauthorization Act of 2015, the agency is required to remove Social Security numbers from all Medicare cards by April 2019. Earlier this year, the Centers for Medicare and Medicaid Services announced plans to begin mailing replacement cards with a new "Medicare Beneficiary Identifier," or MBI, starting in April 2018."
Cloned Cards From Car Wash Data Breach Used at Store, Deputies Say
Thursday, April 27, 2017
wspa.com
"Whatta Wash Car Wash said in a notice last week that malware was placed on its point-of-sale system and that customers who used a payment card at the business between February 20 and March 2 were warned that their card information may be at risk."
Iowa Veterans Warned of Possible Data Breach
Thursday, April 27, 2017
scmagazine.com
"On April 21, the Iowa Veterans Home (IVH) began notifying thousands of residents, former residents and applicants that their personal information may have been compromised."
1.1 Billion Identities Exposed by Cyber Criminals in Data Breaches in 2016: Symantec
Thursday, April 27, 2017
zeenews.india.com
"In 2016, there were 15 breaches that saw over 10 million identities being compromised. This number stood at 13 in 2015. The year also saw ransomware continue to escalate as a global problem and a lucrative business for criminals with 36 per cent increase in ransomware attacks worldwide."
One in Eight People Have Suffered a Healthcare Data Breach
Thursday, April 27, 2017
computerweekly.com
"One in eight consumers in England have had private medical information about them stolen from systems that lack the right level of security, according to a survey."
Millennials Are Most Likely to Fall for an IRS Scam
Wednesday, April 26, 2017
bloomberg.com
"You must pay your taxes immediately, or else," an ominous voice on the other line says before demanding a credit-card number. Most Americans roll their eyes and hang up on these scam calls, but thousands have fallen victim, and millennials are more susceptible than older generations, a new study finds.
Don't Fall for This Facebook Mother's Day Coupon Scam
Wednesday, April 26, 2017
komando.com
Facebook has become one of the world's most popular social networking sites since it rolled out in 2004. There are nearly 2 billion active monthly users worldwide. With that many users, it's no surprise that cybercriminals are always populating the site with new scams. There is a new scam circulating now that you need to know about.
Call Center Fraud Spiked 113% in 2016
Wednesday, April 26, 2017
darkreading.com
One of the catalysts for this growth comes from attackers' enhanced skill in social engineering to coax information, or inadvertent nefarious action, out of call center employees, as well as the discovery of new spoofing and voice distortion technologies to give criminals more options when using the phone, according to the report.
Phishing Attacks Responsible for Three-Quarters of All Malware
Wednesday, April 26, 2017
helpnetsecurity.com
While technical attacks on the newest vulnerabilities tend to dominate the media, many attacks rely on less technical means. According to the GTIR, phishing attacks were responsible for nearly three-quarters (73%) of all malware delivered to organizations, with government (65%) and business & professional services (25%) as the industry sectors most likely to be attacked at a global level. When it comes to attacks by country, the U.S. (41%), Netherlands (38%) and France (5%) were the top three sources of phishing attacks.
Is 'Admin' Password Leaving Your IoT Device Vulnerable to Cyberattacks?
Wednesday, April 26, 2017
zdnet.com
Internet-connected devices in your home or office will be vulnerable to botnets and other attacks, if you don't change the original login credentials.
City of Newark Reportedly Hit in Ransomware Attack
Wednesday, April 26, 2017
scmagazine.com
According to the report, on Friday and over the weekend the malware encrypted infected files with an RAS-2048 algorithm, and the hacker demanded a ransom payment of 24 bitcoins, or approximately $30,000. "The virus compromised our network and disrupted many services that we offer," Wainer told TAPInto Newark. "Our police services are unaffected and continue operating normally," adding that the city is in “safe mode as we inspect each service to look for security gaps."
Children Need to Be Protected From Identity Theft, Too
Wednesday, April 26, 2017
prestoncitizen.com
Citizens are bombarded with warnings to guard their personal identification numbers (PIN), review their deposit accounts daily for fraud, and shred documents that contain sensitive information before disposing of them. But seldom are we reminded that our children’s sensitive information also could be targeted by identity thieves.
How To Spot A Bitcoin Scam
Wednesday, April 26, 2017
forbes.com
According to a recent report by Zerofox, a digital risk monitoring company, there's a considerable dark side to bitcoin. Here are some ways to spot scams...
Ashley Madison Blackmail Roars Back to Life
Wednesday, April 26, 2017
zdnet.com
A group with a Ukrainian top level domain is sending out blackmail threats, using Ashley Madison information...The price for "opting out"? About $500 at today's bitcoin value. Of course, they're lying. You can't opt out. The AM data is out on the dark web, accessible by criminals, forever.
Clean Break: Block Ex-Employees' Access
Wednesday, April 26, 2017
databreachtoday.com
When an employee exits the organization, it's essential to make sure their access rights don't go with them. Too often, however, organizations fail to keep track of what individuals have access to while employed - or to monitor and refine that access as necessary. As a result, they're at greater risk of failing to spot malicious activity by insiders or former insiders who might still be accessing corporate resources.
HHS Smacks Heart Monitoring Firm With $2.5 Million Settlement
Wednesday, April 26, 2017
healthcareinfosecurity.com
The Department of Health and Human Services has smacked a mobile heart-monitoring technology firm with a $2.5 million HIPAA settlement related to findings from an investigation into a 2012 breach involving a stolen unencrypted laptop computer. The hefty fine reflects regulators finding that the organization lacked a sufficient risk analysis and risk mitigation.
72% of Employees Would Share Confidential Company Information, Finds Survey
Wednesday, April 26, 2017
tripwire.com
A new survey found that nearly three in four employees would be willing to share sensitive, confidential or regulated company information under certain circumstances. Conducted by computer tech company Dell, the end-user security survey polled over 2,600 professionals who handle confidential data at companies with 250 or more employees.
Nondigital, Analog Theft Is Main Driver in Identity Theft
Wednesday, April 26, 2017
phys.org
Although identity theft is frequently associated with mega-data breaches such as the Target breach in 2013, new research from the Center for Identity at The University of Texas at Austin has found that old-fashioned "analog" theft is the major driver in identity-related crimes. The findings, detailed in the newly released "2017 Identity Theft Assessment and Prediction Report," shed light on the criminal processes behind identity theft. The report found that approximately 50 percent of identity theft incidents analyzed between 2006 and 2016 resulted from criminals exploiting nondigital vulnerabilities, such as empty prescription drug bottles or sensitive paper documents. In other words, vulnerabilities caused by human error are often used by identity theft fraudsters.
BBB: That Email From Your Boss Could Be a Scam
Wednesday, April 26, 2017
kristv.com
According to the FBI, the CEO scam continues to evolve, targeting businesses of all sizes. Thieves send an email that appears to be from the CEO, employer or head of an organization. The email address will be identical or very similar, and may even be from an account which has been hacked. Since 2016, this scam has a combined exposed dollar loss of more than $3 billion.
Chipotle Data Breach Overshadows Big Earnings Beat
Wednesday, April 26, 2017
cnbc.com
Shares of the company rose as much as 6.8 percent after the earnings release, but the gains were erased when the company revealed it had experienced a data breach.
Bangor Mental Health Provider Details Extent of Hackers' Data Breach
Wednesday, April 26, 2017
mainepublic.org
More than 4,000 clients of a Bangor mental health provider may have had their personal information stolen through a data breach last month. A spokesman for Behavioral Health Center, David Farmer, says the compromised data includes Social Security numbers and notes on services they received.
Russian ‘Pioneer’ of Identity Theft and Card Fraud Jailed for 27 Years
Tuesday, April 25, 2017
nakedsecurity.sophos.com
He was convicted for running a vast credit card and identity theft operation from his homes in Bali, Indonesia, and Vladivostok, Russia, and for selling more than 2m credit card numbers on the black market. Losses from his crimes, which targeted 3,700 financial institutions and 500 businesses around the world, came to at least $170m. Among his prey were small businesses, some of which struggled to defend against his attacks, and some of which failed to recover at all. Court documents said that total losses could grow to billions of dollars.
Lowe's $50 Off Coupon on Facebook Is a Scam, Company Says
Tuesday, April 25, 2017
wistv.com
A coupon seen on social media offering $50 off at Lowe's for Mothers Day is not legitimate, the company stated. "These coupons are not offers extended by Lowe's," said the company in a response on its Facebook page. "It is a scam and Lowe's is unable to honor the coupon."
Raleigh Woman Loses $500 to Jury Scam
Tuesday, April 25, 2017
abc11.com
A jury scam is making the rounds once again, and this time it cost one Raleigh woman more than $500 bucks. Like many others, Joedy Black got an unexpected call about missing jury duty. The scammer told Black that she would be locked up because she didn't serve her juror summons.
Healthcare Records for Sale on Dark Web
Tuesday, April 25, 2017
csoonline.com
Last August a Baltimore substance abuse treatment facility had its database hacked. Patient records subsequently found their way onto the Dark Web, according to DataBreaches.net. The group noticed such things as dates of admission, whether the patients are on methadone, their doctors and counselors, and dosing information. In the DataBreaches.net blog, the hacker “Return,” who they think is Russian, described how he compromised the Man Alive clinic: “With the help of the social engineer, applied to one of the employees. Word file with malicious code was downloaded.”
4 Industries Account for Majority of Global Ransomware Attacks
Tuesday, April 25, 2017
darkreading.com
Ransomware is rapidly on the rise and four industry sectors are taking the largest hit, accounting for 77% of the action, according to NTT Security's 2017 Global Threat Intelligence Report released today.
Man Gets Two Years in Jail for Running ‘Titanium Stresser’ Attack-for-Hire Service
Tuesday, April 25, 2017
krebsonsecurity.com
A 20-year-old man from the United Kingdom was sentenced to two years in prison today after admitting to operating and selling access to “Titanium Stresser,” a simple-to-use service that let paying customers launch crippling online attacks against Web sites and individual Internet users.
Caregiver Charged With Forgery, Identity Theft
Tuesday, April 25, 2017
chattanoogan.com
Special Agents with the Medicaid Fraud Control Unit of the Tennessee Bureau of Investigation have obtained indictments for a former caregiver who is charged with identity theft, abuse or neglect of an impaired adult, and forging a check of one of her clients.
Highly Confidential Psychotherapy Records From Behavioral Health Center in Bangor, Maine Listed on Dark Web
Monday, April 24, 2017
databreaches.net
In what may be the worst breach of 2017 so far in terms of highly sensitive and confidential patient records, a behavioral and mental health center in Maine recently learned that its patients’ records – including evaluations, session notes, and records of sex offenders and sex abuse victims – had not only been in the hands of one criminal, but had reportedly been sold to an unknown party for unknown purposes.
AZ Man Struggles With IRS for Decade to Try and Fix Case of Identity Theft
Monday, April 24, 2017
abc15.com
Tony Chilicas and his fiancé, Holly, are getting married in July. But their walk down the aisle will only be symbolic. Chilicas refused to make it legally official. “I don’t want her taking my last name until this is done,” he said. It’s because of another man: Jorge Campos Ramirez. But this isn’t some messy love triangle. It’s an unbelievable case of identity theft that’s messed with Chilicas’ life for a decade.
6 Factors Impacting Identity Theft Risks
Monday, April 24, 2017
cutimes.com
The threats posed by cyber attacks and identity theft continue to grow as cyber criminals always seem to be on offense while consumers and insurers are on defense.
Indian Police Allege IRS, FBI, Other Law Enforcement Not Interested in Phone Scam Arrests
Monday, April 24, 2017
forbes.com
Taxpayers across the country breathed a sigh of relief after the arrest of Sagar Thakkar, a 24-year-old Indian man accused of running those Internal Revenue Service (IRS) phone scams. Indian police arrested Thakkar earlier this month, claiming he was the mastermind behind the scam where callers posed as IRS agents to collect bogus tax debts. According to the local police, the lack of response from American law enforcement authorities familiar with the investigation has been deafening.
Russian Hacker Behind Kelihos Botnet Indicted in U.S.
Monday, April 24, 2017
news.softpedia.com
Russian hacker Peter Levashov was indicted on eight counts of fraud, conspiracy, and identity theft. Levashov, who was arrested in Spain early this month, is believed to be Severa, the hacker behind the Kelihos botnet, one of the largest spam operations in the world. The indictment comes from a federal grand jury in Connecticut, which came together on Friday in order to lay out all accusations the US has against Levashov.
Fake Delta Airline Receipts Spread Financial Malware
Monday, April 24, 2017
news.softpedia.com
The phishing email is specifically constructed to make you curious. There is no information about the flight included, which is something that such emails normally contain, but there is a link that you are urged to follow. On the other hand, if you pay attention to the email you've received, you'll notice that the email address is wrong, as it comes from @deltaa, instead of @delta.com. Similarly, if you're a frequent Delta flyer, you'll know the legitimate emails from the airline look a bit different.
The Backstory Behind Carder Kingpin Seleznev’s Record 27 Year Prison Sentence
Monday, April 24, 2017
krebsonsecurity.com
Roman Seleznev, a 32-year-old Russian cybercriminal and prolific credit card thief, was sentenced Friday to 27 years in federal prison. That is a record punishment for hacking violations in the United States and by all accounts one designed to send a message to criminal hackers everywhere. But a close review of the case suggests that Seleznev’s record sentence was severe in large part because the evidence against him was substantial and yet he declined to cooperate with prosecutors prior to his trial.
New Password Guidelines Say Everything We Thought About Passwords Is Wrong
Monday, April 24, 2017
venturebeat-com.cdn.ampproject.org
When I recently discovered a draft of new guidelines for password management from NIST (the National Institute of Standards and Technology), I was amazed about the number of very progressive changes they proposed. Although NIST’s rules are not mandatory for nongovernmental organizations, they usually have a huge influence as many corporate security professionals use them as base standards and best practices when forming policies for their companies. Thus, another fact I was surprised about was a lack of attention to this document, finalized March 31, from both official media and the blogosphere. After all, those changes are supposed to affect literally everyone who browses the Internet. Here is a quick look at the three main changes the NIST has proposed.
Is Identity Theft Protection Worth It?
Monday, April 24, 2017
usatoday.com
Many turn to identity theft service providers. It's a market worth $3 billion, according to the research firm IBISWorld. According to the Government Accountability Office, about 50 to 60 companies provide these services. But do they work? That was the question posed in a recent GAO study. Its report described four types of identity theft services -- credit monitoring, identity monitoring, identity restoration and identity theft insurance.
Sheriff: Thousands of Victims Affected by Identity Theft Scheme
Friday, April 21, 2017
kcbd.com
Lubbock County Sheriff Kelly Rowe said his office has discovered a massive identity theft scheme with 14,000 victims.
Ignoring a WhatsApp Scam
Friday, April 21, 2017
nytimes.com
Q. I signed up for WhatsApp out of curiosity last year but never used it. Today I got an email message about someone sending me a WhatsApp voice mail. Is this for real?
Beware of a New Scam Involving "Relatives" and Gift Cards
Friday, April 21, 2017
cbsnews.com
In a new twist on an old phone scam, criminals are preying on family ties by asking people to buy gift cards to help relatives they falsely claim are in trouble.
'Trust Attacks' Fueled by IoT Risks
Friday, April 21, 2017
bankinfosecurity.com
So-called "trust attacks" aren't waged for financial gain. They're waged to compromise data, data integrity and to expose sensitive information. Darktrace CEO Nicole Eagan says trust attacks will be among our greatest IoT worries in 2017, because organizations are likely to see attackers using machine learning and artificial intelligence to turn internet-connected devices against us.
Cybersecurity Firm Exposed Non-Anonymized Hospital Data in Demos
Friday, April 21, 2017
scmagazine.com
Cybersecurity startup Tanium is in hot water after exposing non-anonymized network data from a California hospital during live product demonstrations and online videos. The hospital is one of Tanium's clients and while the firm says that it had permission to use the hospital's environment, the company's Chief Executive Officer Orion Hindawi admitted in an open letter to its consumers that the firm “should have done better anonymizing that customer's data.”
Fake Marine Sentenced in Identity Theft
Friday, April 21, 2017
wrn.com
In a case that was less about “Semper Fi” and more about semper fib, a man who pretended to be a U.S. Marine in order to rip off local businesses in Menomonee Falls has been sentenced to three years in prison.
Identity Theft Ring That Used Stolen IDs to Buy Cars
Friday, April 21, 2017
wsoctv.com
Investigators say the suspects created fake driver’s licenses and included their picture. They presented the IDs with a fraudulent credit application, deputies said. The suspects got busted when deputies said they used the same driver’s license number in back-to-back in two weeks, using different names.
Tax Scam: A Game of Speed and Numbers
Wednesday, April 19, 2017
gcn.com
“Tax season is the perfect opportunity for cybercriminals to monetize data obtained from relatively low effort phishing, like the W-2 scam,” said David Vergara, head of global product marketing for VASCO Data Security. “The volume of tax activity, coupled with the speed in which they submit fraudulent returns, makes it virtually impossible for the IRS to catch it all." Cybercriminals who file fraudulent tax returns before the taxpayer and can successfully repeat the process get the biggest prize, he added: “It’s a game of speed and numbers.”
Job Seekers on ZipRecruiter Being Targeted by Scams via Email and Text
Wednesday, April 19, 2017
csoonline.com
Right now, thousands of people are looking for a new job online. Some of them just want a change, but others are looking for a stable income to support themselves and their families. Scammers are targeting job seekers with precision, often making contact instantly after the victim submits and application or receives a notification from a prospective employer.
Jodi Gissel: Fighting Fraud
Wednesday, April 19, 2017
acamstoday.org
The Justice for Fraud Victims Project (JFVP) began at Marquette University in the fall of 2014, based on a program that originated at Gonzaga University. The JFVP partners the University’s Department of Accounting with local law enforcement and the district attorney’s office in order to provide fraud examination services to smaller organizations in the Milwaukee area that are in need of these services. Fraud investigations are costly. Smaller organizations often cannot afford them and law enforcement generally has limited resources available to provide the necessary in-depth investigation of financial records. The JFVP has accounting students, working under the guidance of a professional forensic examiner mentor, who complete the fraud investigation; thereby gaining valuable experience with an actual fraud examination and providing a valuable service to the community.
Advanced, Low-Cost Ransomware Tools on the Rise
Wednesday, April 19, 2017
darkreading.com
Malware developers keep making it easier for even the most broke and technically inept bad guys to jump on the ransomware craze with cheap and user-friendly tools that are bound to fuel plenty more computer blackmail attacks in 2017. The latest evidence of the trend comes from a report out today of a new variant offered up by Russian cybercriminals through a software-as-a-service delivery mechanism that costs criminals only $175 to get started.
InterContinental Hotel Chain Breach Expands
Wednesday, April 19, 2017
krebsonsecurity.com
IHG has released data showing that cash registers at more than 1,000 of its properties were compromised with malicious software designed to siphon customer debit and credit card data.
Man Pleads Guilty to ID Theft in Which He Stole $150G in Unemployment Benefits
Wednesday, April 19, 2017
nydailynews.com
A Bronx man already on probation for texting a terror threat to Emirate Airlines in 2013 is headed to prison for stealing the identities of multiple people and filing fake unemployment claims.
Florida Men Sentenced in Identity Theft Crimes Against New Yorkers
Wednesday, April 19, 2017
wellsvilledaily.com
The fraudsters had also repeatedly contacted the Tax Department call center in Albany. Investigators were able to listen to the recordings and crack the fraud scheme. They traced the calls and computer traffic used to create the false OLS accounts to the exact location where Mirville and Jacques were operating. This provided sufficient evidence to support issuance of a search warrant.
This Google Chrome and Firefox Phishing Scam Is ‘Practically Impossible to Spot’
Wednesday, April 19, 2017
fortune.com
The attack is a variety of phishing, an age-old con that involves tricking people into trusting a malicious website by directing them to a malicious link or, alternatively, into downloading a booby-trapped computer file. The hackers then steal the victims' passwords or install malware on their computers.
NEED AN EXPERT?
Rob Douglas identity theft expert

Does your organization need a consultant who can deliver information security awareness training that contains the truth about what works and what doesn’t in the fight against the fastest growing crimes in the world? 

Does your conference need an experienced speaker who will captivate the audience with dramatic real life cases of identity theft, cybercrime and scams ranging from stolen personal information, to theft of corporate trade secrets, to stalking and murder? 

Are you a member of the media seeking a comment about ID theft, scams, data breaches, cybercrime, information security, or fraud? 

If so, we invite you to learn more about identity theft and scam expert Rob Douglas.