The CrimeDex Report - Fraud prevention tips, news and insights for businesses and sonsumers
Click on a feature to scroll down
- Still Legal: Caller ID Spoofing
- How not to get rolled by Key Loggers
- Cyber Security Insight, by Amcrin CTO Jon Stanford
What does "personal information loss" mean anyway?
- Gator Bites
Insights into the world of fraud, by Jim "Gator" Hudson, President, Amcrin Corporation. A decorated, 23-year veteran law enforcement specialist, Jim Hudson — Gator to his many friends — shares unique ideas and perspectives on the world of check fraud, identity theft and Internet scams.
Did you know...
The top five states where identity theft occurs are:
Source: Identity Theft Data Clearinghouse
Still Legal: Caller ID Spoofing.
The Associated Press reported this week on the growing problem of Caller ID spoofing. What's particularly concerning to law enforcement, financial services concerns and consumers is the fact that the practice is not yet illegal. "Millions of people have Internet telephone equipment that can be used to make any number appear on a caller ID system," reporter Peter Svensson writes in a March 1, article. Click here to learn more.
Key Logger Devices on the Rise.
We've been sharing information on key loggers for a few years now. Key logging devices are either embedded in software and sent by email in the form of viruses or are actual hardware devices attached to the back of computers. The embedded systems put them in the category of programs known as Trojan Horses. The hardware devices are attached to the back of computers to look like a standard piece of computer-related equipment. These fraud-enabling devices record every key stroke. Keylogging programs helped a gang of fraudsters in Brazil recently steal almost $5 million from 200 accounts at six banks. Another group of Russia-based fraudsters stole $1.1 million from personal bank accounts in France.
How can you protect yourself from these devices? First, be suspicious of unfamiliar weblinks sent to you through email. Next, make sure your antivirus programs are up-to-date. Last, don't forget to regularly download the latest software patches from Microsoft, if you use a PC.
Cybersecurity Insight, by Amcrin CTO Jon Stanford
Every day you read or hear more about data loss or theft, stolen laptops or lost backup tapes. These events aren't really happening more frequently, they're just more newsworthy these days because the public at large is becoming more interested... ID theft is on everyone's mind. Yet, most people, and many companies, don't really know what's at risk.
There are essentially three types of information about someone: personal, private, and personally-identifiable. How would you describe a paper that has a person's name, social security number, and a list of web sites they visited last month? What about a list of just the web sites and the last four digits of their social security number? Which is which?
Personal information is attributable to someone, including their name, date of birth, the college they attended or the names of their parents. If exposed to the public, most people would say "so what?" They don't see a specific risk to their safety or identity. However, personal information can be aggregated to present a more complete picture of a person's identity if it is stolen.
Private information is a type of personal information and is not generally known to others, often protected by federal law. This may include financial, education or medical records. Loss or exposure of private information carries a higher degree of short-term risk. In contrast, most people consider some information private, which may include the name of the first person they dated or what kinds of books they like to read. Whether or not something is private often depends on the personal or legal context.
Personally-identifiable information is that from which a person's identity can be derived. Examples include account numbers, cell phone or computer ID's, access logs etc. Using technology leaves a trail throughout the electronic world. Many privacy advocates object to the use of browser tracking-cookies on computers for the reason that a person's online behavior can be inferred.
Understanding the types of information needing protection is fundamental in designing and implementing the most effective security to prevent data loss or exposure. Every organization must assess and manage these risks and make informed decisions to protect information in their care.
Shredding documents is one of the simplest and easiest things you can can do to protect personal data. In Los Angeles, the city's Department of Social Services could use this simple lesson in how to protect sensitive personal information on as many as 2 million Angelenos. Personal records held by the department were improperly stored finding the DSS in the cross hairs of local politicians and citizens. Click here to see the recent KNBC story.
New Features for CrimeDex Subscribers
Do you have a complex case that needs analytical support? BOL CrimeDex analysts can take your data and create case visualizations for you.
The cost? If you are a member of the CrimeDex Fraud Sharing Network there is no additional fee for our proactive analysis of data. You will also receive our Analysts Reports free of charge.
If you need help with a complex case contact us.
Not a CrimeDex subscriber? Sign Up!
First published on 03/15/2006