just ask gemalto: Women Proved “Securest” in the Defcon Social Engineering Game - 10/07/10 06:13 PM
In a recent post (Hackers Play “Social Engineering Capture The Flag” At Defcon), I pointed to a game in which contestants used the telephone to convince company employees to voluntarily cough up information they probably shouldn’t have.
Of 135 “targets” of the social engineering “game,” 130 blurted out too much information. All five holdouts were women who gave up zero data to the social engineers.
Computerworld reports, “Contestants targeted 17 major corporations over the course of the two-day event, including Google, Wal-Mart, Symantec, Cisco Systems, Microsoft, Pepsi, Ford and Coca-Cola. Sitting in a plexiglass booth, with an audience watching, they called … (0 comments)

just ask gemalto: Criminal Hackers Create 3 Million Fraudulent Websites Annually - 10/06/10 07:28 PM
A recent study shows that organized criminals create approximately 8,000 malicious websites every day, or over 57,000 each week.
These malicious websites model legitimate websites that we visit every day, such as bank websites, online shopping sites, and eBay. According to this study, the most frequently impersonated companies include Visa, Amazon.com, PayPal, HSBC, and the United States Internal Revenue Service.
People are typically directed to these scam sites in one of three ways:
1. Often, potential victims end up visiting these spoofed websites via phishing scams. Phishing, of course, occurs when you receive an email that appears to be sent from … (2 comments)

just ask gemalto: iTunes a Platform for Phish Scammers - 09/22/10 03:46 AM
iTunes users all over the world are being hooked in a possible phishing scam that siphons cash out of their PayPal accounts. Phishing scams, of course, consist of emails that appear to be coming from a legitimate, trusted business. These emails are often designed to trick the victim into revealing login credentials. Once the phishers have access to the account, they begin withdrawing funds.
In this case, scammers used victims’ iTunes accounts to purchase gift cards, which were paid for by the victims’ linked PayPal accounts. Some victims of this particular scam have had just a few dollars stolen, while others … (0 comments)

just ask gemalto: Criminal Web Mobs Responsible For Most Cyber Crime - 09/13/10 06:39 AM
New reports confirm what we’ve been seeing in the news; organized criminals have upped the ante. Global web mobs are tearing up corporations’ and financial institutions’ networks. According to a new Verizon report, a staggering 900 million records have been compromised in the past six years. Up to 85% of the breaches were blamed on organized criminals.
The hackers who infiltrate these networks include brilliant teens, 20-somethings, all the way up to clinical psychologists and organized, international cyber criminals. Many are from Russia and Eastern Europe.
Motivated by money and information, they either exploit flaws in applications to find their way … (1 comments)

just ask gemalto: More ATM Skimmers Being Used By Gangs - 09/13/10 06:11 AM
A report issued by the FTC finds that customers in the process of withdrawing cash from ATMs are more likely to be victims of ATM fraud than a direct, physical crime, and skimmer devices have recently been found on gas pumps and ATMs throughout Northern California.
ATM skimming occurs when a device is placed on the face of an ATM, often over the slot where the card is inserted. The skimmer, which may use Bluetooth or cellular technology to transmit the data to criminals wirelessly, appears to be a part of the machine. It’s almost impossible for ATM users to know … (1 comments)

just ask gemalto: A Viable Solution to Wave of Skimming and Point of Sale Attacks - 08/29/10 06:46 PM
Officials are reporting a wave of credit and debit card attacks targeting point of sale swapping, skimming of card data, and hacking into payment processors. Reports say the U.S. Secret Service, among others, is in the process of investigating a multistate crime spree.
The Oklahoma Bankers Association commented, “It is beyond apparent our bankers are taking great losses on these cards and we also need to explore creative ideas to mitigate these losses. It is in the best interest of retailers, bankers, processors and card providers to find ways to limit these losses so that debit and credit cards can remain … (3 comments)

just ask gemalto: mCrime Higher on Hackers’ Radar - 08/27/10 07:52 PM
This year’s Defcon convention of hackers in August brought to light a fact that many in the security industry have known: mobile phones are becoming a bigger target for criminals.
Recent news of applications on the iPhone and Android that are vulnerable to attack and possibly designed to send your data offshore have reinforced the security concerns for mobiles.
It is inevitable that over the next few years as millions of smartphones replace handhelds and billions of applications are downloaded, risks of mobile crime (mCrime) will rise. As we speak, the large antivirus companies are snapping up smaller mobile phone security … (1 comments)

just ask gemalto: Seven Social Media Landmines to Watch Out For - 08/27/10 07:19 PM
In the early days of the web, cybersquatting was a concern among corporations who were late to the game in getting their domain names. I had a little battle with LedZeppelin.com that I regret, but that’s another story.
Today that same battle is being played out in social media. Anyone can register any brand or likeness on social media with very little difficulty, and it’s free. Once the scammer owns your name, they can pose as you, blog as you, and comment as you.
The basis of much of this social media identity theft, or “impostering,” revolves around social engineering. When … (0 comments)

just ask gemalto: What is “Social Registration”? - 08/25/10 06:51 PM
Social media has evolved into the fifth major form of media: print, radio, television, Internet, social. While social media functions on the Internet, there’s no denying that it is its own platform. It encompasses most forms of media in one tight and neat package. Some social networking sites have more users than some countries have residents.
In the process of this explosive growth, a few social networking websites like Facebook, Twitter, and LinkedIn have risen to the top. And in each frontrunner’s quest to be the biggest, fastest, and strongest, each wants to be your “single sign-on” in the … (3 comments)

just ask gemalto: Stealing Secrets: Telling Lies Over the Phone - 08/24/10 11:53 AM
In a recent post (Hackers Play “Social Engineering Capture The Flag” At Defcon) I pointed to a game in which contestants used the telephone to convince company employees to voluntarily cough up information they probably shouldn’t have. At the recent Defcon event, social engineers proved that it doesn’t take much more than asking to get the necessary information that may lead to penetrating a person’s computer.
Social engineering is a fancier, more technical form of lying. An alternative to traditional hacking, it is the act of manipulating others into performing certain actions or divulging confidential information. Social engineering or “social penetration” … (0 comments)

just ask gemalto: Seven Smartcard Keys To The Internet - 08/24/10 09:36 AM
There has been a bit of buzz lately regarding an Internet “kill switch” and a handful of trusted individuals given the responsibility of rebooting the Internet, should it go down from cyber attack or be shut down for whatever reason.
The operation is born of the Internet Corporation for Assigned Names and Numbers (ICANN). ICANN was formed in 1998. It is a not-for-profit public benefit corporation with participants from all over the world dedicated to keeping the Internet secure, stable, and interoperable. It promotes competition and develops policy on the Internet’s unique identifiers.
ICANN doesn’t control content on the Internet. It … (1 comments)

just ask gemalto: Banks Need You to Partner in Security - 08/23/10 04:03 PM
Sticking your cash in a mattress has never been a good idea. That’s why we have banks. Banks have safes, insurance, and other systems in place to ensure that multiple layers of security protect your money.
In the past decade, however, as much as 80% of all banking has taken place online, compared to the hundreds of years of traditional banking. Clearly, this is all about convenience. And it has become apparent that these conveniences of technology have outpaced consumers’ security intelligence. It is possible to secure systems in a way that will defeat most online criminal activity, but that level … (2 comments)

just ask gemalto: Spies Among Us - 08/20/10 04:12 AM
The term “spy” conjures ideas about “foreign operatives,” “moles” and James Bond. You might envision forged IDs, fake passports and fraudulently issued government sponsored papers. When spies were recently exposed and caught in the United States, it was kind of surreal for me, since some of them lived right here in Boston.
Back in the day, spies used advanced covert technology, which was always a hidden or shrunken version of something more common and accessible. Today, the same technology exists, and it’s cheap and mostly manufactured in China. Lighters, pens, just about any small, seemingly benign object you can think of can … (2 comments)

just ask gemalto: Privacy Laws for Kids Online - 08/19/10 05:24 AM
Numerous privacy groups are urging the FTC to update its Children’s Online Privacy Protection Act of 1998. The primary goal of the Children’s Online Privacy Protection Act, or COPPA, is to give parents control over what information is collected from their children online and how such information may be used.
Jeff Chester, Executive Director of the Center for Digital Democracy said, “The Commission should enact new rules for COPPA that draw upon its current investigations into behavioral marketing and other current digital advertising practices. It’s time for the FTC to do a better job of protecting the privacy of children online.”
(0 comments)

just ask gemalto: Are Contactless Payment Methods Secure? - 08/16/10 07:12 PM
“Contactless,” in this context, refers to the use of a wireless device. A payment is contactless when, instead of inserting your credit or debit card, you hold your card or keychain device within a few inches of the terminal, and your payment information is sent and processed wirelessly.
Contactless payments offer a faster and more convenient alternative to cash for small purchases at fast food restaurants, convenience stores, and transport terminals. They are also ideal for remote or unattended payment situations, such as vending machines, road tolls, or parking meters. So far, I haven’t seen a report of bad guys exploiting … (0 comments)

just ask gemalto: Mobile Phone Spyware Resellers Arrested - 08/14/10 05:07 AM
Spyware is sold legally in the United States. This software records chats, emails, websites visited, usernames and passwords, and basically everything a person does on that PC. Some spyware programs can record everything in a video file that can then be accessed remotely.
This is all perfectly legal as long as the PC’s owner is the one to install the software. Installing spyware on a computer that is not your own is illegal. Spyware can be great if, for example, you have a twelve-year-old daughter who obsessively chats online, and you want to know with whom she’s chatting or if you … (3 comments)

just ask gemalto: Why You Need to Pay Attention to Credit Card Statements - 07/20/10 06:18 PM
Despite what silly James Bond-esque credit card commercials may imply, credit card companies don’t really protect you to the degree you expect. If a credit card company detects irregular spending on your credit card, they may freeze your account or call to verify your identity. While these measures do help secure your card to an extent, they cannot prevent or detect all types of credit card fraud.
The Federal Trade Commission recently filed a lawsuit describing a criminal enterprise responsible for “micro charges,” fraudulent charges ranging from 20 cents to $10, to as many as one million credit cards since … (2 comments)

just ask gemalto: Giving Your Credit Card to a Hotel? Watch Your Statements - 07/18/10 06:57 AM
Personally, I don’t particularly enjoy staying in hotels. Sure, after a long day of travel, the hotel is a relief, but in most cases, I’d much rather sleep in my own bed. Criminal hackers, on the other hand, love hotels.
According to a recent study, 38% of all credit card breaches occur in hotels. Despite several high profile breaches that recently affected payment processors and banks, the financial services industry only accounts for 19% of breaches. Retailers came in third at 14%, and restaurants fourth at 13%.
Over the past five years or so, I’ve noticed a trend in which criminals … (0 comments)

just ask gemalto: Adobe a Target for Criminal Hackers - 07/14/10 06:28 PM
We all know and love Adobe products. Their PDFs have become as ubiquitous as .DOC, .TXT and .XLS. Most PCs include Adobe Reader as bundled software. The Adobe Flash media player is the easiest, most user-friendly online video player on the planet and is required for the most popular video site, YouTube.
Brad Arkin, Adobe’s director for product security and privacy, recently commented, “We’re in the security spotlight right now. There’s no denying that the security community is really focused on ubiquitous third-party products like ours. We’re cross-platform, on all these different kinds of devices, so yes, we’re in the … (5 comments)

just ask gemalto: Old Credit Card Technology Facilitates Skimming Fraud - 07/14/10 12:16 PM
Credit and debit cards in the U.S. use old magnetic stripe technology. The magnetic stripe is the black or brown band on the back of your credit or debit card. Tiny, iron-based magnetic particles in this band store data such as your account number. When the card is swiped through a “reader,” the data stored on the magnetic stripe is accessed. Card readers and magnetic stripe technology are inexpensive and readily available, making the technology highly vulnerable to fraud.
One extremely prevalent example of such fraud is ATM skimming. Skimming occurs when a criminal copies the data stored on your card’s … (3 comments)

 
Robert Siciliano, Realty Security and Identity Theft Expert Speaker (IDTheftSecurity.com Inc)
