Thursday, July 29, 2010

FBI will have easier time getting ahold of your Internet activities

I don't know how I feel about this:

"The Obama administration is seeking to make it easier for the FBI to compel companies to turn over records of an individual's Internet activity without a court order if agents deem the information relevant to a terrorism or intelligence investigation." Washington Post

On the one hand the war on terrorism and the growing threat of drug gang and narco-syndicate violence needs to be fought more effectively.

On the other hand our privacy is important as we know from our work on identity theft protection. If the FBI could also add ID theft scrutiny to their Internet intrusion and monitoring then I would say "Git 'Er Done."

One of the biggest problems as y'all well know, is that hackers, phishers, spammers, scammers, and all manner of id thieves operate in anonymity and with impunity. Maybe we can get the "gendarmes" on the case and root out people who destroy so many lives.

There are still many questions about how this all will work because there are so many Internet media - would a Facebook posting of request for a "friend" qualify if it was a suspicious request?

By the way over 50% of my Twitter follower requests end up being denied by Twitter because iof "suspicious activity." What's that all about and should we the consumers know?

Keep listening we are getting ready to launch the ID theft education and awareness certification program.


Tuesday, July 27, 2010

New Zealand Cyber spies. Watch out!

Here is some interesting news. can this massively intrusive system be used to steal people's identities. You bet!

NZ’s cyber spies win new powers

January 3, 2010 · 1 Comment By Nicky Hager New cyber-monitoring measures have been quietly introduced giving police and Security Intelligence Service officers the power to monitor all aspects of someone’s online life.

The measures are the largest expansion of police and SIS surveillance capabilities for decades, and mean that all mobile calls and texts, email, internet surfing and online shopping, chatting and social networking can be monitored anywhere in New Zealand.

In preparation, technicians have been installing specialist spying devices and software inside all telephone exchanges, internet companies and even fibre-optic data networks between cities and towns, providing police and spy agencies with the capability to monitor almost all communications.

Police and SIS must still obtain an interception warrant naming a person or place they want to monitor but, compared to the phone taps of the past, a single warrant now covers phone, email and all internet activity.

It can even monitor a person’s location by detecting their mobile phone; all of this occurring almost instantaneously."

Saturday, July 17, 2010

Another Major Iowa Data Breach -

For those of you who don't read the Des Moines Register (That's now almost everyone in Iowa and the world!) here was a short story that most folks did not see except the 93K and their families and fiends who were affected.

(Left - Screen shot of Buena Vista Homepage by Schmidt, 7-17-2010)

Des Moines Register

"A database security breach may have exposed personal information of 93,000 people associated with Buena Vista University.

Buena Vista officials in Storm Lake began notifying people Thursday that the privacy of thousands of names, Social Security numbers and driver's license numbers dating back to 1987 may have been compromised last month.

University President Fred Moore said there is no evidence the information has been misused or sold. He apologized for the incident.

The university is offering free credit-monitoring protection and $25,000 fraud insurance for a year to those affected. It hired global auditing firm KPMG to investigate the breach.

Moore did not specify how much the security breach has cost the university, but said it has required a "significant amount of resources." The expenses won't affect tuition, the university's budget or any of its programs, he said.

The school has updated its security policies and procedures. Moore did not detail the changes, citing security concerns. The school's security procedures prior to the breach were evaluated by the auditing firm and were deemed to be comparable to those found at other institutions, he said.

"We're taking steps to upgrade and tighten the security of our network. Unfortunately, no network, no matter how tight, is impervious," Moore said." DSM Register and AP info

So if BVU had a security system comparable to other institutions were are all royally screwed as we used to say! It is just NOT enough to slouch along with sensitive security. There has to be an aggressive push back, a 24-7 command center for data security where every suspicious activity is monitored like NORAD monitored every blip on their radar screen.

We need a new "culture of security" not just some IT guy doing security as part of other jubs which is how most security systems in business, government, and education operate today according to a private, confidential audit we saw in June.

There is almost - No ID Theft Awareness training. No Due Diligence. No FACTA or Red Flag compliance.
And NO penalty for data losses! No punishment for lax security.

Someone really needs to sue in one of these data loss cases (TJ MAXX would have been a good one) and get a big class action settlement to shake up those who manage sensitive identity information. Nothing like a good "spanking" to get data managers on the ball.

Buena Vista University's new slogan should be - "Confidently NOT in Control!"


Wednesday, July 07, 2010

FlashPoint T.V. Interview

Many of you have requested a link to the FlashPoint TV interview that aired on 4 July 2010. Below is a link that will direct you straight there.

Thanks for you interest and keep on writing me your suggestions for upcoming articles, concerns and sharing your stories.

Please share your stories with us. Your stories help us direct our research.

You can write me at:

Michael McCoy
Iowa State University
559 Ross Hall
Ames, Iowa 50011

Tuesday, July 06, 2010


Just because traveling is on the collective US brain right about this time of year, doesn’t mean we have to lose our minds! And since we are indisputably at a higher risk of identity theft while traveling, there are certain tips of the trade that really need to be taken to heart to ensure safe travels -- basic, but potentially huge identity-saving tips.
Here’s our best assimilated list:
+LESS IS BEST – leave the checkbook and social security card at home (no extra bait needed);
+HANDLE YOUR MAIL – generally best held by the post office (an overstuffed home mailbox is like broadcasting your absence);
+MAKE SMALLER CASH WITHDRAWALS – even if more frequent; so as to use local currency while traveling and minimize credit card exposure;
+TAKE PRE-PAID CARDS – they’re unusable by a thief and replaceable if stolen;
+KEEP TRACK OF RECEIPTS – treat these like an extension of your money;
+SAFEGUARD RENTAL CAR AGREEMENTS – keep these with you in lieu of in the glove box;
+MEMORIZE YOUR PIN – this is a good idea whether traveling or at home;
+AVOID CYBER CAFES – or at least avoid conducting sensitive personal business on them;
+BACK HOME, DO A DOUBLE-TAKE – double check your accounts and beware of late statements (twice my family has had fraudulent credit card charges upon returning from Mexico).

Adios and Bon Voyage!
Thanks to and

  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft -