Accurate, Focused Research on Law, Technology and Knowledge Discovery Since 2002

Category Archives: ID Theft

Business Email Scams: Protecting Your Company’s Information

From the Pennsylvania Department of Banking and Securities, a succinct and very useful Infographic guide: “Business Email Compromise is a cyber threat targeted against businesses, both large and small, that typically involves a con artist targeting employees with access to company financial or sensitive documents. The scammers lead the employees to believe they are a trusted partner or are legitimately entitled to the information, when in reality, they are criminals. A common tactic of these cybercriminals is the use of a “spear-phishing” emails and use of malware to first infiltrate the organization and eventually send a sham email supposedly from the CEO to an employee with access to financial information, requesting money to be transferred…” [h/t Pete Weiss]

EPIC Urges Congress To Hold Equifax Accountable, Update Data Protection Law

“EPIC has sent statements to Congress ahead of hearings in the House and Senate on the Equifax data breach. EPIC underscored the risk to American consumers of data breaches which are increasingly severe. EPIC urged Congress to require prompt data breach notification, data minimization, and privacy enhancing techniques. In 2011 EPIC testified in the House… Continue Reading

Report – Phish For the Future

“This report describes “Phish For The Future,” an advanced persistent spearphishing campaign targeting digital civil liberties activists at Free Press and Fight For the Future. Between July 7th and August 8th of 2017 we observed almost 70 spearphishing attempts against employees of internet freedom NGOs Fight for the Future and Free Press, all coming from… Continue Reading

The Equifax Data Breach: What to Do

FTC – “If you have a credit report, there’s a good chance that you’re one of the 143 million American consumers whose sensitive personal information was exposed in a data breach at Equifax, one of the nation’s three major credit reporting agencies. Here are the facts, according to Equifax. The breach lasted from mid-May through… Continue Reading

Preventing and Responding to Identity Theft

US Cert Security update: Preventing and Responding to Identity Theft “You can be a victim of identity theft even if you never use a computer. Malicious people may be able to obtain personal information (such as credit card numbers, phone numbers, account numbers, and addresses) by stealing your wallet, overhearing a phone conversation, rummaging through… Continue Reading

Wharton – After Equifax, Can Our Data Ever Be Safe?

Follow up to previous posting – Equifax is one of many companies that collect information about you – via [email protected] – “In the annals of data breaches, the Equifax hacking stands alone due to its sheer scale: Digital thieves traipsed through the personal information of 143 million Americans for several months to do with it… Continue Reading

FTC alerts consumers about post Equifax scams

Ring, ring. “This is Equifax calling to verify your account information.” Stop. Don’t tell them anything. They’re not from Equifax. It’s a scam. Equifax will not call you out of the blue. That’s just one scam you might see after Equifax’s recent data breach. Other calls might try to trick you into giving your personal… Continue Reading

CRS – Justice Department’s Role in Cyber Incident Response

Via EveryCRSReport.com: Justice Department’s Role in Cyber Incident Response August 23, 2017 R44926. “Criminals and other malicious actors increasingly rely on the Internet and rapidly evolving technology to further their operations. In cyberspace, criminals can compromise financial assets, hacktivists can flood websites with traffic—effectively shutting them down, and spies can steal intellectual property and government… Continue Reading

Equifax hack may have breached personal data on half the US population w/updates

CNET: “…According to Equifax, which released a statement today, the company’s database was breached through a vulnerability on its website, exposing the personal information of an estimated 143 million people, including some in the UK and Canada….Equifax has set up its own program to help people find out if they were one of the millions… Continue Reading

GAO reports continuing security controls for protecting confidentiality of taxpayer data

Information Security: Control Deficiencies Continue to Limit IRS’s Effectiveness in Protecting Sensitive Financial and Taxpayer Data, GAO-17-395: Published: Jul 26, 2017. Publicly Released: Jul 26, 2017. “The Internal Revenue Service (IRS) made progress in addressing previously reported control deficiencies; however, continuing and newly identified control deficiencies limited the effectiveness of security controls for protecting the… Continue Reading

Your Social Security Number is a major target of ID theft – government has yet to implement an alternative

Social Security Numbers: OMB Actions Needed to Strengthen Federal Efforts to Limit Identity Theft Risks by Reducing Collection, Use, and Display, GAO-17-553: Published: Jul 25, 2017. Publicly Released: Jul 27, 2017. “Governmentwide initiatives aimed at eliminating the unnecessary collection, use, and display of Social Security Numbers (SSN) have been underway in response to recommendations that… Continue Reading

Number of Employment-Related Identity Theft Victims Is Significantly Greater Than Identified

Treasury Inspector General for Tax Administration – The Number of Employment-Related Identity Theft Victims Is Significantly Greater Than Identified, June 20, 2017, Reference Number: 2017-40-031.”Employment-related identity theft (hereafter referred to as employment identity theft) occurs when an identity thief uses another person’s identity to gain employment. Taxpayers may first realize they are a victim when… Continue Reading