In my professional opinion this is a very good example of the type of threat posed by Identity Theft, because, like most Identity Theft victims, the crime was not discovered until well after the fact.
I heard a story very much like this around 1991. A large multinational
corporation was robbed by multiple wire transfers that occurred in a few
seconds or less. The theft was something like $300 Million.
I had happened years before the story went out. I remember it shocked
me to learn that the theft was not reported because the company did not
want to startle its shareholders.
So they lost $300 Million back in the late 80s and didn't want to say anything.
Now several banks have collectively lost $1 Billion and could not say
anything, not because they didn't want you to know, but because they
themselves did not know.
If you saw Superman III you
understand the idea behind this. If you have been a victim of Identity
Theft, particularly non-financial Identity Theft, then you know what can
happen.
Now the two have been combined. If you saw the reboot
of Battlestar Galactica you can appreciate why Commander Adama ordered
"There will be no networked computers on this ship."
If you
argued with your Grandparents that you had to lock your door or your
car, you need to understand now that you must have an Identity Theft
Restoration service. Just like you pay for water, which again used to be
free from a well.
This is the 21st Century. Times are changing. Rapidly. Be aware.
https://www.youtube.com/watch?v=p79VXtktIJo#t=114
Tuesday, February 17, 2015
Malicious Spyware infects firmware
Your information is on more than one network and if someone wants it bad enough, like from Anthem or your Bank for example, they can get it. And they don't need it because they are trying to do you any favors.
Be aware that anything on a network is vulnerable and there is an arms race to protect it whether you are participating in it or not.
Be aware that anything on a network is vulnerable and there is an arms race to protect it whether you are participating in it or not.
"Kaspersky Lab says the malicious spyware ... implants are different from other cyberattacks in that they directly infect a computer’s firmware — the software that links directly to the hard drive.http://time.com/3711462/u-s-cyber-warfare-equation-group-kaspersky-lab/
This means that it is beyond the reach of most antivirus and security products, and is immune to efforts to wipe clean or even replace hard drives since it can be recalled at will."
Saturday, February 14, 2015
Types of Identity Theft
Apparently I don't have a post on the Types of Identity Theft.
I thought I did but I will finish this one out soon.
For starters here is some information that should remain intact after editing.
The Federal Trade Commission (FTC) is the nation’s consumer protection agency. The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace.
The FTC maintains an Identity Theft education site at http://www.consumer.ftc.gov/features/feature-0014-identity-theft and has previously defined Identity Theft by stating:
I have identified 5 Basic Types of Identity Theft consistent with this definition although that can be and has been expanded into 8 or 10 or more.
The 5 as I call them are:
From their website http://www.bjs.gov/index.cfm?ty=tp&tid=42
unauthorized use or attempted use of an existing account
unauthorized use or attempted use of personal information to open a new account
misuse of personal information for a fraudulent purpose.
Medical Identity Theft, and Social Security/Financial Identity Theft of Children and Seniors are the 3 most common types of Identity Theft at present.
Financial Identity Theft differs from Bank Fraud and Credit Card Fraud and represents less than 30% of the issue. CitiBank used to run ads that made it seem like Financial Identity Theft was the only type. Those ads have not been broadcast or cablecast for several years at this point.
Also you will notice that LifeLock no longer has their CEO's Social Security Number on display in ads and they don't claim to stop Identity Theft either. This is another change demonstrating an improved understanding of the complexity of the issue.
The 5 Types of Identity Theft are also commonly expanded as I mentioned, here is a variation with some additional commentary from me:
I thought I did but I will finish this one out soon.
For starters here is some information that should remain intact after editing.
The Federal Trade Commission (FTC) is the nation’s consumer protection agency. The FTC works to prevent fraudulent, deceptive and unfair business practices in the marketplace.
The FTC maintains an Identity Theft education site at http://www.consumer.ftc.gov/features/feature-0014-identity-theft and has previously defined Identity Theft by stating:
Identity Theft occurs when someone uses your personally identifying information, like your name, Social Security number, or credit card number, without your permission, to commit fraud or other crimes.
I have identified 5 Basic Types of Identity Theft consistent with this definition although that can be and has been expanded into 8 or 10 or more.
The 5 as I call them are:
- Driver's Licence
- Social Security
- Medical
- Character/Criminal
- Financial
From their website http://www.bjs.gov/index.cfm?ty=tp&tid=42
For the National Crime Victimization Survey (NCVS), the definition of identity theft includes three general types of incidents:
Medical Identity Theft, and Social Security/Financial Identity Theft of Children and Seniors are the 3 most common types of Identity Theft at present.
Financial Identity Theft differs from Bank Fraud and Credit Card Fraud and represents less than 30% of the issue. CitiBank used to run ads that made it seem like Financial Identity Theft was the only type. Those ads have not been broadcast or cablecast for several years at this point.
Also you will notice that LifeLock no longer has their CEO's Social Security Number on display in ads and they don't claim to stop Identity Theft either. This is another change demonstrating an improved understanding of the complexity of the issue.
The 5 Types of Identity Theft are also commonly expanded as I mentioned, here is a variation with some additional commentary from me:
- Driver's Licence: We all knew someone in High School who used a fake ID to get Alcohol or Cigarettes, that is an example of someone using another person's Driver's License to do something they could not. This is the basis of Identity Theft. If a warrant were issued for that person's arrest, it would have been issued for the person represented by the Driver's License.
- Social Security: The IRS reported that $3.6 Billion in refunds were sent to parties who had filed on someone else's SSN. This type of ID Theft also allows people to work and generate a tax burden on someone else's SSN.
- Medical: Just as above, with your medical account info, such as your SSN if you are on Medicare, someone else can access your benefits and potentially use them up for themselves. This can also create an issue in medical databases and cause you to get the wrong type of medical treatment and this is a danger that can kill you.
- Character/Criminal: Obviously, with enough of your credentials, a criminal can pass themselves off as you, such as by getting a warrant issued for your arrest because a speeding ticket was written on your Driver's License as mentioned above. Proving that you were not the perpetrator of a crime is one of the ugly hurdles ID Theft victims must clear.
- Financial: By using your credentials to open a new financial account a thief commits Financial ID Theft as opposed to Bank or Credit Card Fraud which are related to abusing one of your existing accounts.
- Business: As above, if the credentials were your Business TIN (instead of your personal SSN) or some other business credential, a thief can transact or commit crimes as if they were your business. This could be buying inventory, billing for service, securing contracts they don't honor, etc.
- Of the Deceased: If any of the above types 1-5 are stolen from a deceased person instead of a living person, then this may be classified as Identity Theft of the Deceased.
- Child: A minor may not have a credit profile until they are 18, in most cases, so if the SSN of a newborn or young child is stolen and abused it may be 18 years before anyone even notices. This is still commonly SSN ID Theft as per 2 above.
- ID Cloning: As illustrated very well in the Steven Spielberg film To Catch a Thief, and many spy movies including James Bond, someone can effectively impersonate you with enough information. This is basically a combination of all the types of ID Theft but can also involve transactions conducted in person with a witness as opposed to electronic transactions where there may be no one willing to say they are sure you were who they were dealing with.
- Synthetic: By combining one Driver's License, another SSN, a third medical account and possibly also someone else's credit card or business entity a composite person maybe synthesized to create "Synthetic" Identity Theft. Again, this often involves one or more of the initial 5 basic types of identity theft.
Anthem Data Breach
After an online attack on Anthem, by far the largest breach in the industry, security experts warned on Friday that more attacks on health care organizations were likely because of the high value of the data on the black market.
http://www.nytimes.com/2015/02/07/business/data-breach-at-anthem-may-lead-to-others.html?_r=0
Notice that if
"The information stolen from the insurance giant includes names, birthdays, medical IDs, social security numbers, street addresses, e-mail addresses and employment information, including income data," that may be enough information to file your income taxes and do plenty of other damage, including getting new insurance in your name with your credentials.
http://www.nytimes.com/2015/02/07/business/data-breach-at-anthem-may-lead-to-others.html?_r=0
Notice that if
"The information stolen from the insurance giant includes names, birthdays, medical IDs, social security numbers, street addresses, e-mail addresses and employment information, including income data," that may be enough information to file your income taxes and do plenty of other damage, including getting new insurance in your name with your credentials.
Subscribe to:
Posts (Atom)
Welcome
Welcome to my blog. The primary purpose of this Blog is to provide links to source material that I may have quoted in a presentation or training or researched in answer to a question I have been asked.
I hope this site helps you share this information with others and/or conduct your own research. Please contact me with any questions. Thank you for visiting.