Archive for the ‘identity theft’ Category

North Korea hackers use social media to target security researchers

January 26th, 2021
Cyber threat from North Korea. North Korean hacker at the computer, on a background of binary code, the colors of the flag of the DPRK. DDoS attack

Enlarge / Cyber threat from North Korea. North Korean hacker at the computer, on a background of binary code, the colors of the flag of the DPRK. DDoS attack (credit: Dmitry Nogaev | Getty Images)

Google has warned it has uncovered an “ongoing” state-backed hacking campaign run by North Korea targeting cyber security researchers.

The Silicon Valley group said its threat analysis team found that cyber attackers posing as researchers had created numerous fake social media profiles on platforms such as Twitter and LinkedIn. To gain credibility, they also had set up a fake blog for which they would get unwitting targets to write guest posts about actual software bugs.

After establishing communication with an actual researcher, the attackers would ask the target to work together on cyber vulnerability research and then share collaboration tools containing malicious code to install malware on the researcher’s systems.

Read 11 remaining paragraphs | Comments

Posted in Biz & IT, hackers, identity theft, malware, North Korea, security | Comments (0)

100,000 Razer users’ data leaked due to misconfigured Elasticsearch

September 14th, 2020
This redacted sample record from the leaked Elasticsearch data shows someone's June 24 purchase of a $2,600 gaming laptop.

Enlarge / This redacted sample record from the leaked Elasticsearch data shows someone's June 24 purchase of a $2,600 gaming laptop. (credit: Volodymyr Dianchenko)

In August, security researcher Volodymyr Diachenko discovered a misconfigured Elasticsearch cluster, owned by gaming hardware vendor Razer, exposing customers' PII (Personal Identifiable Information).

The cluster contained records of customer orders and included information such as item purchased, customer email, customer (physical) address, phone number, and so forth—basically, everything you'd expect to see from a credit card transaction, although not the credit card numbers themselves. The Elasticseach cluster was not only exposed to the public, it was indexed by public search engines.

Diachenko reported the misconfigured cluster—which contained roughly 100,000 users' data—to Razer immediately, but the report bounced from support rep to support rep for over three weeks before being fixed.

Read 12 remaining paragraphs | Comments

Posted in Biz & IT, data breach, Data leak, identity theft, infosec, Razer | Comments (0)

EPIC files restraining order to block voter fraud commission’s data swoop

July 7th, 2017

States join EPIC in pushing back against president’s call for voter data amid concerns about scope and security of the request

Posted in Donald Trump, identity fraud, identity theft, Law & order, PII, Presidential Advisory Commission on Election Integrity, voter fraud | Comments (0)

Listen up: is this really who you think it is talking?

May 5th, 2017

Lyrebird, an AI startup, can produce uncannily good versions of real people’s voices. What does it mean for identity fraud?

Posted in AI, fake news, identity theft, Lyrebird, neural networks, University of Montreal, voice synthesis | Comments (0)

Teaching Kids to Secure Their Data & Hearts Online

October 28th, 2016

heart_teen_privacy

Valentine’s week is filled with flowers, chocolate . . . and that wonderfully dangerous little thing called oxytocin. Referred to as the “trust hormone,” oxytocin is one of several chemicals our brains release when we feel attracted to someone. Fun right? Yes, but it can also function pretty much like an opiate and cause feelings of attachment, comfort . . . and trust.

And it’s that trust—real or imagined—that may begin to explain why some people continue to share highly personal information including sexual or nude photos with others on their digital devices despite potentially scandalous fallout.

LRT2014_Infographic-Global-FNLRecently, McAfee released the findings from their 2014 Love, Relationships & Technology survey that illustrates the casual way adults continue to treat intimate information online. Of the over 9,000 consumers worldwide, ages 18-54 polled, almost half (49%) have sent or received intimate or sexually explicit text messages, email or photos or filmed sexual video content. And only 28% of the people who sent or received sexts or intimate text messages, emails or photos delete the message from their device as soon as they have sent/received it. 42% have sent sexts or sexually explicit text messages to their boyfriend/girlfriend, but 16% have sent sexts to a complete stranger!

Even though we share our bank accounts details (43%) mobile phone content (48%), including texts, emails and photos, and passwords (38%), we don’t always trust our partners as shown in the study. 30% of people log into their significant others’ Facebook accounts on a monthly basis by using their passwords and 28% of us have taken their significant other’s mobile device to see the content it has stored .

Valentine’s week is a great time to sit down with your family and attempt to speak louder than the oxytocin. If adults are admitting to such casual behavior online, you can bet that kids aren’t far behind in that trend.

Here are some family talking points and some engaging online activities to help reinforce personal security online.

  • Password-protect your phone, tablets. If your child doesn’t have a screen lock password, be sure she puts one on her phone. Require her to share the password with you only. Remind her that if her phone or gadget is lost or stolen, anyone who picks it up could get access to her information and publish it online.
  • Keep your password under wraps. Remind your child not to share her passwords with their significant other or even their best friend—no exceptions! Let her know that sharing a passcode or PIN, puts her at risk for cyber stalking, identity theft, and leakage of intimate data.
  • Teach your child that people change. While it sounds unthinkable to a teen in love, remind her that even the people we trust today can eventually prove to be inconsistent, untruthful, and even mean. Her boyfriend may be someone else’s boyfriend next year or even next month. Communicate clearly, and candidly, the risk of sending intimate texts or sharing her heart in any digital form.
  • Emphasize reputation and unforeseen risk. Your teen may not relate to a boyfriend sharing an intimate photo (unthinkable) but she will relate to the need to protect their reputation. By being casual with intimate photos and texts messages, she is opening up her reputation to harm.
  • Define ‘intimate’ or ‘private’ for your child. What you define as intimate and private and what your child considers to be intimate could be far different. Set the standard and communicate it clearly. Then, go through her Twitter or Instagram feed together and illustrate your point.
  • Shared info belongs to the world. Remind your child before she hits send, post, upload, or tweet, that her information, once shared, will be out of her control. From that point forward, she will be reliant on others to protect her privacy.
  • Clean sweep devices. Everyone has something on their phone—either notes, emotionally charged texts, or emails that they forgot to delete. Ask your child to sweep her phone clean of anything that could cause embarrassment. Delete, delete, delete!
  • Protect your devices. Protect all of your family’s data, identity and devices with comprehensive security with McAfee LiveSafe™ service that protects all your families PCs, Macs, smartphones and tablets.

 

To learn more, join the conversation using the #SextRegret hashtag or follow @McAfeeConsumer or @SafeEyes  on Twitter or Facebook. Talking with others, sharing lessons, and getting support is a fun way to learn about safety!

And to stress the importance of protecting your mobile device, play the Crack the PIN to win game. This was launched by Intel and McAfee to teach you how to take simple steps toward privacy everywhere by locking, tracking, and encrypting your devices. Go to http://www.mcafee.com/PINit to try and win a Samsung Galaxy tablet or McAfee LiveSafe if you guess the PIN!

The Futures Company and MSI conducted surveys in the US, UK, Australia, Canada, Germany, France, Spain, Italy, The Netherlands, Japan, Mexico, China, India, Singapore and Brazil among 9,337 men and women, ages 18 to 54. The survey was conducted in December 2013 – January 2014.

ToniTwitterHS

 

 

 

Toni Birdsong is a Family Safety Evangelist to McAfee. You can find her on Twitter @SafeEyes. (Disclosures).

The post Teaching Kids to Secure Their Data & Hearts Online appeared first on McAfee Blogs.

Posted in Family Safety, identity theft, Mobile Security, protecting kids online, social networking | Comments (0)

Couple “driven by greed and a fast buck” jailed for $1.5m IRS scam

July 29th, 2016

They used the IRS’s ‘Get Transcript’ service to get personal information on people and use it to file bogus returns in their names.

Posted in Anthony Alika, data loss, Get Transcript, identity theft, IRS, Law & order, Money Laundering, Rapheal Atebefia, Security threats, Sonia Alika, tax returns | Comments (0)

IRS hacked again – say goodbye to that PIN system!

June 27th, 2016

It’s so quiet, you can hear a repeatedly hacked PIN system drop, months before it was (maybe) going to be killed.

Posted in 2FA, automated attacks, data loss, e-File PIN, identity theft, Internal Revenue Service, IP PIN, IRS, Law & order, Security threats, SSN, tax returns | Comments (0)

Identity thief who said he was too smart to catch gets caught

June 13th, 2016

“Drugs apparently overcame his superior intellect,” said the chief deputy.

Posted in data loss, identity theft, Law & order, Security threats, Tony Michael Canterberry | Comments (0)

IRS yanks anti-identity-theft tool IP PIN over 800 identity thefts

March 10th, 2016

The US tax agency has pulled the plug on the 2FA system after sniffing out 800 fraudulent returns filed with the PINs.

Posted in 2FA, identity theft, IP PIN, IRS, Law & order, tax returns | Comments (0)

Win Big in the #SafeHoliday Countdown

December 4th, 2015

The holidays are here at last. The cocoa is hot, the lights are strung, and the spirit of the holiday season is all around us. But with the happiness of the holidays comes steals and deals on the year’s hottest stocking-stuffers. And who more likely to take advantage of the season of giving than holiday hackers?

Too-good-to-be-true online offers, phishing scams, and malicious e-cards are just a few of the hacks you’ll have to keep your eye out for in the coming weeks. Cybercriminals are constantly looking for new ways to pull the wool over our eyes, and the holiday season can be a hacker’s heyday.

So, how can you best outsmart these seasonal scammers? Have we got a holiday gift for you.

Each day for 25 days, we’ll share a new cybersecurity tip on this page, each paired with a daily prize. When you tweet out the tip of the day from this page, you’ll be entered in the prize drawing for that day.

HSA_Social_Facebook-Share_TW-tip-us-1

 

That’s 25 days. 25 tips. 25 prizes.

What are you waiting for? Get started sharing tips to stay safe this holiday season, here. Good luck, and we wish you a holly, jolly #SafeHoliday.

The post Win Big in the #SafeHoliday Countdown appeared first on McAfee.

Posted in consumer, cybersafety, e-commerce, identity theft, internet security | Comments (0)