Tuesday, May 31, 2011

BBB's Small Business Week 7 Scam Alerts


On the cusp of the Better Business Bureau’s Small Business Week, we examine their 7 “scam alerts” as the year-round good business sense that they are:
1. DIRECTORY SCAMS – unsolicited updates or listings requested by yellow pages or other directories can result in bills for an ad or listing to which an owner doesn’t remember agreeing; TIP: be sure to get any details regarding a directory listing in writing and read (or have your attorney read*) the “fine print” such as cancellations that will automatically renew unless made in writing;
2. VANITY AWARDS – you receive the notice online or in the mail that you’re the recipient of a business award; TIP: beware of award notifications that subsequently require payment in order to receive the award!
3. OFFICE SUPPLY SCAMS – scammers send phony invoices, subscription statements or office supplies or equipment bills to business owners with the hope that they’ll just get paid! TIP: have a clear system for accounts payable to track what’s been legitimately ordered;
4. OVERPAYMENT SCAMS – fake customers target businesses which sell goods or products by overpaying with check or credit card and requesting extra money wired back to them; TIP: avoid wiring money to unknown customers, clients or vendors!
5. STOLEN IDENTITY – con artists pose as representatives of fabricated or closed companies to defraud business owners and often damage the business’ reputation in the process (because customers tend to blame the real business regardless of the theft); TIP: if your business identity is stolen, public notification by way of a press release, mailing or website helps mitigate damages!
6. PHISHING EMAILS – many scammers access businesses by way of a phony email looking like notification from the IRS or other governmental agency or perhaps claiming an award or settlement of some kind; TIP: do not click on link in suspicious emails, even if it appears to be “urgent;” instead, first research the sending entity’s authenticity.
7. DATA BREACHES – due to employee negligence, hackers and other factors, data breaches will inevitably occur; company security and customer trust can be seriously jeopardized by the failure to prepare; TIP: the BBB offers a free data security program at www.bbb.org/data-security.*

*Outside of the BBB recommendations and its valuable tips for business owners, this writer will add that one of the best allies a business owner can have in minimizing exposure and handling risk is an attorney. Thwarting scams is undoubtedly a year-round endeavor, and today, just part of good business.

IPads in the White House!?

Here is an interesting development reported by the Washington Post. Is this a good idea, a bad idea, safe (from an information security perspective)? (Remember that there have been massive breaches and data loss BEFORE this switchover started so how secure and safe were the old and less cool devices.)

"Analysts and government officials say the demand for consumer technologies is coming from two directions. At the top, agency directors and senior officials are using iPads, Android phones or Web-based e-mail in their personal lives and asking IT administrators why they can’t use them at work. But the bigger push is coming from frontline workers, who see the value consumer technology could add to their working life, making them more mobile and less tied to an office.

“People have better access to information technology at their homes than they do at work, and that’s especially true in the public sector,” said Vivek Kundra, the federal government’s chief information officer. “If you look at the average school kid, he or she probably has better technology in his or her backpack than most of us do in government offices.”

And employees are no longer taking no for an answer. A recent Forrester Research study showed 35 percent of workers in the United States either buy their own smartphone for work, use unsanctioned Web sites or download unapproved applications on a work computer. Why? Twenty four percent of do-it-yourselfers say the technology is better than what their job provides. Thirty-six percent say they need it, and their employer won’t provide an alternative. And nearly 40 percent say they use it at home and, well, they want it at work, too."

Now the feds also need to implement ID theft awareness certification for their employees like we provide.


Steffen Schmidt

Labels: ,

Monday, May 30, 2011

Weiner Twitter Site Hacked - Lewd Pictures Sent

Besides ID theft and financial hacking we are now seeing the talents of codecrackers being used to do "fun" things like hacking the Public Broadcasting web site and now highjacking a Congressman's Twitter site to send lewd pictures. It's a dangerous Internet out there!

From the NY Times: "Representative Anthony D. Weiner, one of the most prolific users of social media among politicians, said his Twitter account was hacked this weekend when someone sent out a lewd photograph under his name to a young woman in Seattle.

The episode unfolded Saturday night when it was reported on the Web site biggovernment.com, run by the conservative blogger Andrew Breitbart. It played out all day Sunday on the Internet, with Mr. Weiner, a Democrat who represents part of Brooklyn and Queens, addressing the matter on his own Twitter and Facebook accounts, and with bloggers from the left and the right arguing about whether this might be the start of a scandal or an example of how easy it is for political rivals to harm each other’s reputations using new technologies."

Gennette Nicole Cordova, the Seattle woman who was sent the tweet said:

I am a 21-year-old college student from Seattle. I have never met Congressman Weiner, though I am a fan. I go to school in Bellingham where I spend all of my time; I've never been to New York or to DC. The point I am trying to make is that, contrary to the impression that I apparently gave from my tweet, I am not his girlfriend. Nor am I the wife, girlfriend or mistress of Barack Obama, Ray Allen or Cristiano Ronaldo, despite the fact that I have made similar assertions about them via Twitter.
There have never been any inappropriate exchanges between Anthony Weiner and myself, including the tweet/picture in question, which had apparently been deleted before it reached me. I cannot answer the questions that I do not have the answers to. I am not sure whether or not this letter will alleviate any future harassment. I also do not have a clear understanding as to how or why exactly I am involved in this fiasco. I do know that my life has been seriously impacted by speculation and faulty allegations. My reputation has been called into question by those who lack the character to report the facts."


Labels:

PBS web site hacked

Once again we report about a breach of the Internet. This time the news is about news media and entertainment sites. Who cares? Well, some of these sites notably PBS have information on "subscribers" and other people who have signed up for the site. We don't know for sure what all information these media sites have living on their servers. Here's the story.

The New York Times reported that, "The PBS Web site briefly carried a fake story claiming that famed rapper Tupac Shakur was alive and living in New Zealand after a group of hackers took over the organization’s computer systems on Saturday night.

In addition to posting the fake news story, the group, which identified itself on Twitter as @LulzSec or The Lulz Boat, began posting passwords and e-mail addresses of people from a wide range of news organizations and other information belonging to PBS.

As late as 2:30 a.m. on Monday, PBS had still not regained control of its Web site as the hackers continued to post defaced pages"

We also learned that "The group has attacked other media organizations in the past month, according to Secure Business Intelligence (http://www.scmagazine.com.au/News/256996,x-factor-hackers-claim-foxs-scalp.aspx), including Fox News and the X-Factor television show."




Labels: ,

Sunday, May 29, 2011

Facebook Scams and ID Theft on the Rise

It had to happen!


If YOU Tweet you'll have noticed endless requests from Tweeters deleted by Twitter because they are identified as dangerous or risky. Now imagine now many get through undetected. Facebook is worse because there is so much "stuff" in there - games, polls, surveys, etc. and because you actually believe that those people you have friended (often because they were friends with someone you know personally so they've got to be ok). FOLKS those "friends" are not your friends. And, in 2011 any idiot hacker can spoof your friends, make it seem like a posting is coming from your auntie Mabel and trick you into doing stupid things.

Here is the article from the Boston Globe, "As more people turn to Facebook and Twitter for much of their online communicating, Internet scammers and spammers are trying to cash in by hijacking the names and images of users’ “friends’’ and “followers.’’ They use the stolen identities to place fake come-on's and shady pitches alongside all the funny pictures and snide remarks posted by people legitimately granted access to online accounts.

The goal is to trick users into buying products, volunteering credit card numbers and other personal information, or unknowingly installing malicious software that can damage computers. Too often, the tactics work, according to computer security specialists, in part because of our faith in people we know."

So the 500 million Facebook and 200 million Twitter accounts mean that YOU are vulnerable to the bad intentions and criminal behavior of more people than the entire population of the United States! Plus, as a smart friend said "In the US we trust people until they prove to us we should not trust them." Bad mistake because on the Internet you really don't know who's behind that message - you don't see or hear them. It's just a name. Which may or may not be who is actually contacting or posting you.

Here is some advice: "Michael Kaiser, executive director of the National Cyber Security Alliance, a nonprofit that promotes Internet safety and security, said computer users should train themselves to resist the urge to immediately click on message links, even when they appear to be legitimate. Lack of restraint is something e-crooks count on, he said."

Human beings are impulsive. Ever buy something in the check out line, something you had NO intention of buying? We have! So that's how the scam artists and crooks work as well. “When you’ve been tricked into thinking that you want to do something,’’ said Sophos’s Wisniewski, “you’ll usually bypass any security.’’

And you "click" on that link!



Labels: , ,

Saturday, May 28, 2011

Data Breach at Security Firm Linked to Attack on Lockheed


We are saddened to report another very serious data breach problem. This one is so vast, encompassing both national security mission-critical targets and potentially posing a risk to Fortune 500 companies and therefore a danger to the entire economy of the United States.

The New York Times reported, "Lockheed Martin, the nation’s largest military contractor, has battled disruptions in its computer networks this week that might be tied to a hacking attack on a vendor that supplies coded security tokens to millions of users, security officials said on Friday.

The SecurID electronic tokens, which are used to gain access to computer networks by corporate employees and government officials from outside their offices, are supplied by the RSA Security division of the EMC Corporation."

This is also a great example of what we have been arguing for years. Data breaches DO NOT RESULT IN IMMEDIATE ATTACKS but often have a significant delay period before the confidential information that was stolen is put to use in criminal or military/security attacks. The data from EMC was stolen in a March breach. It took almost three months before evidence began to surface that the stolen "tokens" were being illegally used.

By the way these tokens provide security " ... beyond a user name or password by requiring users to append a unique number generated by the token each time they connect to their corporate or government networks." So, if you steal the token the YOU TOO can get the magic "new number" when you start hacking these sensitive web sites!

“The issue is whether all of the security controls are compromised,” said James A. Lewis, a senior fellow and a specialist in computer security issues at the Center for Strategic and International Studies, a policy group in Washington. “That’s the assumption people are making.”

So now even the highest level security access, the one used by military contractors and other "high end" users, has shown us how inherently weak all of our network security systems really are. We need a whole new architecture, a new concept, for Internet security and the industry seems incapable of inventing that because until recently security cut into profits and no one was demanding higher vigilance.

Labels: , , ,

Saturday, May 21, 2011

Children's Identity Theft - A Serious and Growing Problem


We have blogged about the risks to children's identity before and it is in both our books. We also hammer away at this terrible risk in all of our lectures and seminars all over the United States and Canada. BUT, it can never hurt to hammer away again! Below is a very useful and interesting (as well as scary) report from MSNBC which was sent to me by a former student who is specializing in kid's ID theft but who prefers to remain unnamed here.

Stop ID thieves from stealing your kid's credit
Crooks are targeting children's pristine credit records. What parents can do about it

By Bob Sullivan Technology correspondent
msnbc.com msnbc.com
updated 5/12/2011

http://today.msnbc.msn.com/id/42997608/ns/today-parenting/t/stop-id-thieves-stealing-your-kids-credit/

"Parents struggling to keep track of their kids' vaccinations, homework, dance classes and veggie intake have precious little time for other worries, but a serious new threat is demanding their attention: Identity thieves are increasingly targeting children, in some cases stealing their identities even before they are born.

As an investigation by NBC’s Jeff Rossen and TODAY revealed Thursday, criminals routinely use a child’s pristine credit record to their advantage and get away with it for years or decades — even if law enforcement knows exactly where the imposters live. TODAY showed this in dramatic fashion, hunting down two alleged child imposters and capturing their comments on camera.

Rossen’s story on TODAY also features a 9-year-old girl who is in default on utility bills, a teenager with $750,000 in debt, and a 2-year-old with a pile of credit card bills.

So parents should obtain their child's credit report as soon as they are born, correct? Not really

"http://AnnualCreditReport.com. Requests for information on a juvenile from the site will be immediately rejected. There are legal reasons for this, according to Susan Henson of Experian, one of three major credit reporting bureaus — the Children's Online Protection Act restricts the collection of information about kids under 13 years old. Also, information about a third party can only be disclosed after the requester provides proof of legal guardianship, and that can't be provided through the website. So all three bureaus require direct contact to get kids' credit reports."

Our entire national legal system regarding parents checking their child's credit record is weak and broken. Of course, we all understand "privacy" rights of infants and minors but we assume the parents are the crooks (unfortunately sometimes they are) when in fact it is a horde of criminal strangers who are assaulting the system.

as our ridiculously insecure Social Security-based "national identity card." Yes, I call it a National Identity Card because, although there is a pretense that the United States does not have and does not want an national Id card as some countries have, we in fact do. Try and conduct any business, change anything on your credit card, buy a house or car, enroll in a school or university, apply for a job, buy insurance, open a 401K, open a bank account, buy a firearm, and you will be asked for your National Identity Number - the Social Security number! Unfortunately we don't have a secure and fraud proof ID card to go with that number. So, anyone who gets hold of your name, place of birth, date of birth, and SS number can now be YOU!

We need serious and immediate reform because identity theft could undermine the economic and national security of this country and I am not blowing hot air here. How will we conduct business or provide health care if we cannot be sure of the identity of people we are dealing with? And, what if a terrorist organization gets hold of several thousand American born children's identities and the uses them to build a cadre of terrorists who now have American-sounding names and American birth places? We need action but unfortunately Congress is too busy fighting amongst themselves over trivial ideological issues to address this issue.

The Identity Theft Resource Center is a very useful resource and they have a sample letter to request a child's credit report. http://www.idtheftcenter.org/artman2/publish/v_templates/Letter_Form_120.shtml

Our ID theft prevention education seminar.

A new on line ID theft awareness certification class, offered by me through the Iowa State University College of Engineering on line learning system, covers the many risks. If you have employees who handle sensitive customer data it might be a good idea to have them take this inexpensive and engaging Internet seminar. At the end of the course upon successfully completing the user-friendly quiz they are issued a certificate of completion. You may find out more about the seminar here

http://www.eol.iastate.edu/Professional-Development/Courses/idtheft.html

WARNING! ONLY this address will take you to the legitimate Engineering web site! We have published the full URL instead of hot linking a word so you can see the address.

Steffen Schmidt, PhD. Professor of Public Policy and Information Security

Labels: , , ,

Wednesday, May 18, 2011

Here we go again! More Data Theft!

We have warned here that the personal information of Americans is no longer safe.

"The personal financial information of up to 210,000 unemployed Massachusetts residents may have been stolen in a data breach caused by a virus discovered in state labor department computers four weeks ago, officials said yesterday."

"Names, addresses, and Social Security numbers, among other data, may have been taken, said John Glennon, chief information officer for the Massachusetts Executive Office of Labor and Workforce Development. The number of affected recipients is probably a small fraction of the total number of potential victims, according to Glennon. The virus attempted to transmit confidential information to digital thieves, he added, but it was not clear how much, or even whether, any data was successfully stolen."

I will predict here that every American will have their confidential information stolen over the next two years. this will pose a huge threat to national security, economic stability, and individual tranquility. We will soon be a country of frightened, sleepless paranoids who spend all day and nights trying to recover their credit and personal information.

Labels: ,

Tuesday, May 17, 2011

Electronic Medical Records at High Risk

We warned you didn't we? Go look at past blogs and talks we've given all over the United States. Now read this.

"The nation’s push to computerize medical records has failed to fully address longstanding security gaps that expose patients’ most sensitive information to hackers and snoops, government investigators warn."

"Two reports released Tuesday by the inspector general of the Health and Human Services Department find that the drive to connect hospitals and doctors so they can share patient data electronically is being layered on a system that already has glaring privacy problems. Connecting it up could open new pathways for hackers, investigators say."

More on this soon.



Labels: ,

Sunday, May 15, 2011

Fraud Ring Scams Millions, Hurts Military Families

Yeah "I Want YOU so I can steal your credit and your identity soldier! "


Just when you think the slime of the earth have thought up every way of stealing and hurting people another scheme is revealed! I know that you are already depressed and angry enough but I have to share this one from the Seattle Times with you. The saying "a sucker is born every minute" but when we, as a society and state as well as the federal government do not provide consumers with protection then sooner or later we will all be suckers.

"The Army and Tacoma, Washington police are investigating a fraud ring that last year allegedly bilked Army and Air Force Exchange Service stores out of about $500,000 in merchandise, and also hit other businesses that extend credit.

Promoters of the scheme promised to reduce debt, persuading some 1,800 people, including dozens of soldiers, to participate.

Those people allowed the promoters electronic access to their credit accounts to pay down bills. More than $3 million used to pay those debts was illegally diverted from a bank in Ohio, according to investigative documents and interviews with law-enforcement and bank officials.

"The company would pay two dollars [of debt] for every dollar" paid to them, said one staff sergeant, who learned of the scheme from a fellow soldier at a barbecue. "I asked ... how that could possibly work, but he said it worked. That should have thrown up a red flag, but it didn't."

Now some of the soldiers who accepted the deal risk being charged as co-conspirators in crimes of wire fraud and larceny, according to investigative documents.

At Joint Base Lewis-McChord, 78 soldiers have come under scrutiny, according to the Army. At least 46 of those soldiers are facing disciplinary actions, including more than a dozen who were charged through the military judicial system.

Many of the details of the investigation have not been publicly disclosed. Pierce County prosecutors have yet to file any charges in the case, so it's unclear who organized the alleged scheme.

Pleased, then alarmed

Some soldiers who gave promoters permission to electronically pay down their debts were initially pleased with the results. Payments were made, and their debts were reduced, they told Army investigators.

But later, they found their credit accounts at the Army and Air Force Exchange Service were put on hold due to fraudulent activity.

"To date, it appears that this scheme began in the civilian communities around Joint Base Lewis-McChord, and eventually grew to include a small number of ... soldiers, in much the same way it expanded to include hundreds of civilian residents of our surrounding cities and towns," said Maj. Kathleen Turner, a base spokeswoman.

Investigative documents indicate the scheme unfolded during a nearly five-month period that ended last August. The money to reduce the debt was allegedly siphoned out of a bank account of Credit First National Association in Ohio.

"This was real money. It belonged to us," said Jeremy Smith, a spokesman for Credit First National, which issues auto-related credit cards. "We have recovered some funds, but not all. We're still working on that."

Smith said the focal point of the scheme was in Washington state. The bank has been cooperating with Tacoma police and military investigators.

Promoted on Craigslist

The investigation began last year after Tacoma Public Utilities noted that more than 300 customers all paid their bills from the same bank account, according to Mark Fulghum, a spokesman for Tacoma police.

Investigators eventually found the scheme had been promoted on Craigslist, with some 1,800 people using the debt-consolidation service. The number of people involved has complicated the investigation.

"It does appear that there may be some genuine victims who just thought this looked like it was a way out of debt, but there are others who realized it was a scam," said Pierce County Prosecutor Mark Lindquist.

At Joint Base Lewis-McChord, the Army Criminal Investigation Command began interviewing soldiers to track fraudulent payments to Military Star Cards, which allow purchases at the Army and Air Force Exchange Service. Those includes PX stores.

From March to August 2010, some 300 transfers from the account paid some $500,000 debt on about 90 of these accounts. Other money from the account went to pay car loans, utility charges and other expenses, according to Army investigative documents.

Trade-off: cash, goods

Soldiers told investigators the debt-consolidation scheme was touted through a network of military personnel and off-base associates, who talked it up at bars, parties and baby showers, even at an Army training exercise.

In interviews with investigators, more than a dozen soldiers said an Army specialist with the 14th Engineer Battalion was one of the most vigorous promoters. The specialist repeatedly offered to pay down debt in exchange for a lesser value of cash or electronic gear that could be purchased at the PX, such as iPads, Xboxes or cameras.

One soldier said he had served with the specialist in Iraq and viewed him as a trusted colleague.

Others interviewed by Army investigators said the specialist's services were recommended by fellow soldiers, so they decided to give it a try.

"I thought it was strange, but when the payments kept going through, I just thought he was really trying to help us," said a female soldier. She got her washing machine and dryer paid off in exchange for an iPad her roommate delivered to the specialist.

More than a month later, that soldier got the word her Star Card was invalid and placed on fraud alert.

"I feel really dumb about it. I feel like I was just trying to make a better situation for myself and my daughter," she told Army investigators. "I feel like a victim here."

She said she then had to take out a personal loan to pay down the debts she thought had been taken care of.

To date, the Army has not filed any criminal charges against the specialist from the 14th Engineer Battalion, according to Joint Base Lewis-McChord officials.

Because he has not been charged, The Seattle Times is not naming him. In an interview with investigators, the specialist said he got involved with the scheme after a meeting at a Tacoma basketball court with a civilian who claimed to run a debt-consolidation business that helps out soldiers.

The specialist said he used that civilian's service to transfer about $29,500 from the account to pay down his own debts. He also promoted the scheme to other soldiers.

"I knew there was something shady about it," the specialist told investigators. "I didn't know exactly what was going on, but the bottom line was that those were stolen funds."

Let me remind you of the mantra you've been taught to repeat as if it were a prayer: Buyer beware, don't trust anyone, everyone is a crook, no one wants to "help you", get the Better Business Bureau and the Consumer Protection division of your state's Atty General Office to raise the fraud alert level to code RED! Pass it on.

Our ID theft prevention education seminar.

A new on line ID theft awareness certification class, offered by me through the Iowa State University College of Engineering on line learning system, covers the many risks. If you have employees who handle sensitive customer data it might be a good idea to have them take this inexpensive and engaging Internet seminar. At the end of the course upon successfully completing the user-friendly quiz they are issued a certificate of completion. You may find out more about the seminar here

http://www.eol.iastate.edu/Professional-Development/Courses/idtheft.html

WARNING! ONLY this address will take you to the legitimate Engineering web site! We have published the full URL instead of hot linking a word so you can see the address.

Steffen Schmidt, PhD. Professor of Public Policy and Information Security



Labels: , ,

Friday, May 13, 2011

Obama administration tightens penalties for computer/data breaches. Finally!


I have been blogging and writing and speaking out for almost three years on this topic. If we expect companies to more computer and Internet security (including cloud computing security) up higher on their list of corporate priorities there need to be rewards (trust, reputation, good will, and happier customers) and serious penalties for neglect.

Sounds like Washington finally read my emails, blogs and pleas! (Photo courtesy the The White House, 2011)

"Almost two years after outlining a broad strategy intended to strengthen the security of the nation’s computers and networks, the Obama administration said Thursday that it was sending proposed legislation to Congress that would strengthen penalties for any invasion of private computer systems."

Read the entire article at the NY Times (assuming that you can still get in there now that we have to pay! ).

Here is the CNET version of this which is also very good.

"The White House today sent Congress a proposed cybersecurity law designed to force companies to do more to fend off cyberattacks, a threat that has been reinforced by recent reports about vulnerabilities in systems used in power and water utilities.

This proposal seems designed to prod the legislative branch to enact by the end of the year some variety of cybersecurity legislation, which has been stalled by concerns about privacy, Internet "kill switches," and overreaching regulation. One proposal from Sen. Jay Rockefeller (D-W.V.), for instance, would have explicitly given the government the power to "order the disconnection" of specific networks or Web sites"

Identity and Information Protection Certification from Iowa State University

So now if you own a store or hire people to work sensitive data you REALLY have a need to train them or it could cost you plenty in fines and even jail time. Why not have them take our quick certification for identity theft prevention best practices and the law?

Our new on line ID theft awareness certification class, offered through the Iowa State University College of Engineering on line learning system, covers the many risks. If you have employees who handle sensitive customer data it might be a good idea to have them take this inexpensive and engaging Internet seminar. At the end of the course upon successfully completing the user-friendly quiz they are issued a certificate of completion. You may find out more about the seminar here

http://www.eol.iastate.edu/Professional-Development/Courses/idtheft.html

WARNING! ONLY this address will take you to the legitimate Engineering web site! We have published the full URL instead of hot linking a word so you can see the address.

Steffen Schmidt, PhD. Professor of Public Policy and Information Security



Labels: ,

Friday, May 06, 2011

PC Rental Store Accused Of Using Webcams And Keyloggers To Spy On Customers


As Ronald Reagan used to say "Well, here we go again!"
"A PC rental store in the US called Aaron’s has been accused of spying on its customers with the built in web cameras on their computers and also using key logger software to monitor its customers activity.

The company has allegedly been using software called ‘PC Rental Agent’ which lets them monitor their customers PC activity and they can also shut a users computer down with the software if they haven’t paid their rental fees." More here


Now I've heard of everything!

Privacy has been so completely destroyed that we users of electronic devices need to assume that every computer and smart device we have has been (or will soon be) compromised. So what's a consumer to do? How can we surf the web, do online banking, shop at Amazon and otherwise live the life we live to day in this networked world?

Well, we can and MUST make it very, VERY painful for those who compromise our privacy is security. There need to be huge fines AND JAIL TIME for those who violate the, so far, inadequate federal and state laws on information security due diligence.

"The couple are currently suing Aaron’s, and it looks like it may end up turning into a class action lawsuit, as a number of other customers have also been spied on by the company."

If YOU ever end up on a jury with a case like this be fair, listen to the evidence and then throw the book at the culprits! If you are a judge look at the MAXIMUM sentencing guidelines! Deterrence and fear are the best weapon to reduce these atrocities against consumers.

And, if you own a store or hire people have them take out quick certification for identity theft prevention and the law! See below --

Our new on line ID theft awareness certification class offered through the Iowa State University College of Engineering on line learning system covers this and other risks. If you have employees who handle sensitive customer data it might be a good idea to have them take this inexpensive and engaging Internet seminar. At the end of the course upon successfully completing the user-friendly quiz they are issued a certificate of completion. You may find out more about the seminar here

http://www.eol.iastate.edu/Professional-Development/Courses/idtheft.html

WARNING! ONLY this address will take you to the legitimate Engineering web site! We have published the full URL instead of hot linking a word so you can see the address.


Steffen Schmidt, PhD


Labels: , ,

Thursday, May 05, 2011

The Better Business Bureau is warning internet users about Osma bin Laden related scams


We have warned you about how you use the Internet and here is the latest outbreak of potential risks.

"The Better Business Bureau is warning about a rash of online scams that are breaking out in the wake of the death of Osama bin Laden.

One of the wider spreading ones is spreading through Facebook. This scam features a fake video that purports to show the death of bin Laden. According to internet security company Kaspersky Labs, it prompts users to put a malicious URL into their browers. Their computers are then infected by a virus.

This is the latest in a number of scams that a spreading through Facebook. Many of these scams lead consumers to web sites that are infected with viruses or contain forms that can be used for obtaining personal information which can be used for either identity theft of phishing scams."

This latest threat is just one more reminder that social networking media including Twitter and Facebook are death traps for personal identity losses.

Our new on line ID theft awareness certification class offered through the Iowa State University College of Engineering on line learning system covers this and other risks. If you have employees who handle sensitive customer data it might be a good idea to have them take this inexpensive and engaging Internet seminar. At the end of the course upon successfully completing the user-friendly quiz they are issued a certificate of completion. You may find out more about the seminar here

http://www.eol.iastate.edu/Professional-Development/Courses/idtheft.html

WARNING! ONLY this address will take you to the legitimate Engineering web site! We have published the full URL instead of hot linking a word so you can see the address.


Steffen Schmidt, PhD


  • All Material is Copyright © 2009 Michael McCoy and SEAS, L.L.C
  • Deter. Detect. Defend. Avoid ID Theft - www.ftc.gov/idtheft