TrustMeSecurity.com

India has a booming Phishing economy. India ranked 14th worldwide in hosts Phishing websites. The most popular cities were Mumbai (38%), New Delhi (29%), and Bangalore and Chennai both with 12%. Check out this article for an interesting interview with Vishal Dhupar of Symantec India.

Rosemary Haworth of PC Advisor has a noobies guide to staying safe on the internet. It could be a good idea to forward this article to those people in your life who still get excited over desktop image rotators.

I wish I could copy and paste Tim Cook’s entire article from THE CANADIAN PRESS here but I respect copyright far too strongly to do that, so instead you’ll have to be content with a link to the article and a short excerpt below.

Canada’s privacy watchdogs want young people to be more aware of where their personal information goes when they punch it into websites such as Facebook or MySpace.

While subjects such as online predation, cyber stalking and cyber bullying have received a lot of attention, youths are often naive about the commercial interest in the personal information they release online, said Saskatchewan privacy commissioner Gary Dickson.

I think, personally, I may be in a minority when I say that I think many young people are aware of the risks but simply consider using tools like social networks to share information with friends to be worth the risk. I think that if easy to use tools were available to filter who can access their info that they would employ them. I guess that’s why I work here!

Identity theft is a crime that can leave its victims financially and emotionally devastated. The frustration level involved in clearing up identity theft is enormous.

The RCMP website defines identity theft as follows:

Identity theft involves stealing, misrepresenting or hijacking the identity of another person or business.

In a former life, I worked in the fraud department of one of the largest credit reporting agencies in North America. I spent a great deal of time working with folks whose identities had been compromised. Most people weren’t even aware that their identity had been hijacked until it affected their day to day life in some way – usually when they were applying for credit for either a mortgage or a vehicle.

Continue reading Start By Being Smart

Prices to buy a stolen credit card number have dropped as low as $0.40 according to Symantec.

Fierce competition among identity thieves has driven the prices for stolen data down to bargain-basement levels, forcing crooks to adopt mainstream business tactics to lure customers, a report on internet security threats said Tuesday.

Credit card numbers were selling for as little as 40 cents each and access to a bank account was going for $10 US in the second half of 2007, according to the latest twice-yearly internet security threat report from Symantec Corp.

Read the rest of this story over at CBC.ca by clicking here.

A pro-consumer ID Theft bill was recently co-written by a tech-savvy legislator and Chris Soghoian a blogger, focusing on providing strong incentives for businesses to encrypt private and confidential consumer data, and requiring businesses to post data breech reports online to notify their customer base. (it requires more than this, but this is what interested me)

Before this bill even left committee it was reduced from 72 lines to a paltry 17, however the stipulation that confidential and private information remains encrypted survived the decimation.

Continue reading A win for ID Theft Prevention.. kind of

United Press International has posted a disturbing analysis of recent “cyber” attacks against Tibet advocacy groups, particularly in the US. The article outlines increasingly common behavior that is rarely reported because the victims, often corporations, typically do not like to advertise their breach.

Van Horenbeeck told United Press International that the attacks used e-mails purporting to come from known associates of the victims with attachments containing malicious code — so-called Trojan horse software — that stole e-mail and contact data, passwords and other information and covertly sent it on the Internet to special command servers.

We often use common sense to determine whether or not we should trust an email. If it’s from an address we don’t recognize or references a conversation we never participated in it sets off red flags. But, when the email looks like it’s coming from a person you know and simply continues an ongoing conversation you’re familiar with it causes us to lower our guard.

Continue reading Secure Tibet?

Thanks for giving us a heads up about this video Karn. The video features safety tips from Marc Saltzman who also shares advice for identifying phishing and spoofing attempts, and protecting yourself from online fraud and identity theft. The videos being distributed by eBay, a company that has been damaged by phishers hijacking their brand.

The loss of roughly half the population of the UK’s personal information on a CD sent through the mail prompted EnterpriseITPlanet.com writer Drew Robb to compile his list of the top 10 security trends. Not surprisingly he touches on some of the big holes that TrustMe’s engineers are tackling. Some of the highlights:

1. Data Breaches Are on the Rise

“High-profile data breaches underscored the importance of data loss prevention technologies and strategies,” says Oliver Friedrichs, director of security response at Symantec Corp. of Cupertino, CA. “Most breaches are due to physical loss of equipment. Theft or loss of computer or other data storage medium made up 46 percent of all data breaches.”

Continue reading Enterprise IT Planet.com’s Top 10 Security Trends

There’s word of a new email scam circulating that has become so popular its been picking up steam in the media. The email purportedly states that the IRS has made a mistake and owes you money, then directs you to a page where it proceeds to trick you into giving up all of yours.

The IRS says:

“Those who have received a questionable e-mail claiming to come from the IRS may forward it to a mailbox the IRS has established to receive such e-mails, phishing@irs.gov, using instructions contained in an article titled “How to Protect Yourself from Suspicious E-Mails or Phishing Schemes.”

It may be a pretty safe policy to just delete any email from the IRS claiming that they owe you money. It’ probably a safe bet.