GREATER CLEVELAND PC
USERS’ GROUP

IDENTITY THEFT
January 11, 2014
By Ira Wilsker
Some slides are from an ORIGINAL Presentation by
Sgt. Eric Gilbert and Sgt. Hiland Priddy, Texas Department
of Public Safety (DPS) for mandatory Texas Law
Enforcement Officer In Service Training
JANUARY 10, 2014: Personal info stolen
from 70M customers, company says
The nation's second largest discounter said
Friday that hackers stole personal
information — including names, phone
numbers as well as email and mailing
addresses — from as many as 70 million
customers as part of a data breach it
discovered in December.
Target said in December that customers'
names, credit and debit card numbers,
card expiration dates, debit-card PINs
and the embedded code on the magnetic
strip on the back of cards had been
DEBIT AND CREDIT
CARD INFORMATION
STOLEN FROM TARGET
FOR SALE ONLINE
THE ADDRESS IN THE “COUNTRY” COLUMN IS THE LOCATION
OF THE TARGET STORE WHERE THAT CARD WAS USED
FOREIGN CREDIT AND DEBIT CARDS STOLEN FROM
TARGET FETCH PREMIUM PRICES – ALSO NOTICE
“MATURITY” OF CARDS vs. PRICE
THESE ARE DEBIT CARDS
FOREIGN CREDIT AND DEBIT CARDS STOLEN
FROM TARGET FETCH PREMIUM PRICES – ALSO
NOTICE THAT “QUALITY” CARDS WITH HIGHER
CREDIT LIMITS FETCH HIGHER PRICES
MANY OF THESE CREDIT CARD SELLING SITES ARE LOCATED IN
RUSSIA OR EASTERN EUROPE – ONES ABOVE ARE RUN BY A
RUSSIAN WITH THE HANDLE “HELKERN”
THERE HAS BEEN
NO PUBLIC DISCLOSURE
ABOUT THE METHOD USED TO
OBTAIN THE TARGET CREDIT
CARD INFORMATION, BUT
MANY SECURITY EXPERTS ARE
FAIRLY CERTAIN THAT IT WAS
LIKELY “SPEAR PHISHING”
DIRECTED TO A TARGET
EMPLOYEE WHO HAD ACCESS
BULLETIN: Dated January 14, 2014 – KREBS ON SECURITY
2011 EXAMPLE THAT LED TO MASSIVE
“SPEAR PHISHING” ATTACKS
APRIL 4, 2011 – Millions Exposed to
Potential IDENTITY THEFT!
Dallas – The customer lists of about 2500 corporate clients of
Dallas based EPSILON, a marketing company, were stolen by a
hacker over the weekend. These mailing lists are used to send
about 40 billion emails annually to the millions of clients and
customers of these 2500 companies. EPSILON has reported that
the data stolen consisted of customer names and email
addresses, but not personal financial data.

A comprehensive list of companies
known to have had their client email list
stolen includes (as of April 6, 2011):
1-800-FLOWERS
AbeBook
AIR MILES Rewards
Ameriprise
Ann Taylor
Barclays Bank of Delaware
Barclay's L.L. Bean Visa
Beachbody
bebe
Benefit Cosmetics
Best Buy
Best Buy Reward Zone
BJ's Visa
Borders
Brookstone
Capital One
Catherine's
Charter Communications
Citi
City Market
College Board
Dell
Dillons
Disney Destinations
Eddie Bauer

Friends
Eileen Fisher
Ethan Allen
Eurosport Soccer Express
Food 4 Less
Fred Meyer
Fry's Electronics
Hilton Honors
Home Shoppers Network
Jay C
JPMorgan Chase
King Soopers
Kroger
Lacoste
Marks & Spence
Marriott Rewards
McKinsey Quarterly
MoneyGram
New York & Company
QFC
Ralphs
Red Roof Inn
Ritz-Carlton Rewards
Robert Half International
Scottrade

Smith Brands
Target
TD Ameritrade
TIAA-CREF
TiVo
TripAdvisor.com
US Bank
Verizon
Victoria's Secret
Viking River Cruises
Visa
Walgreens
World Financial Network
NOTE: Companies in
RED have a presence in
this area
The millions of customers of these
companies may become the targets of
PHISHING or SPEAR PHISHING.
PHISHING uses spoofed or counterfeit
duplicates of authentic websites for the
explicit purpose of IDENTITY THEFT. The
victim is tricked into entering valuable
personal information on the website.
Information solicited is typically credit or
debit card numbers, PIN numbers,
security codes, expiration dates, user
names, account numbers, and
passwords.
SPEAR PHISHING is a similar form of
IDENTITY THEFT but the emails are
targeted to specific users. Since the
cyber crook has the customer information
from these companies, they will likely be
selling that information or using it to send
out millions of SPAM emails that look
authentic, appearing to be from real
companies where the target victim really
has an account. This tends to improve
the success rate, with more victims
disclosing their personal information.
AUTHENTIC
WARNING ABOUT
EPSILON BREACH
7:42PM APRIL 4
THIS IS THE GENUINE WARNING
ALL OF THESE LINKS LOOK REAL, BUT
REALLY CONNECT TO A CROOK IN RUSSIA!
A MORE TRADITIONAL PHISHING EMAIL
NOTE THAT THE CROOK IS ASKING
FOR THE DEBIT CARD NUMBER,
SECURITY CODE AND PIN NUMBER!
THIS WOULD NO LONGER BE YOUR
DEBIT CARD, AND YOUR ACCOUNT
WILL BE QUICKLY EMPTIED
NOTE THE SPELLING IN THE URL… “orangesavLngs.com”
Domain Name: ORANGESAVLNGS.COM
Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
Whois Server: whois.melbourneit.com
Referral URL: http://www.melbourneit.com
Creation Date: 13-jun-2008
Expiration Date: 13-jun-2009
Domain Name.......... orangesavlngs.com orangesavLngs.com
Organisation Name.... John Davis
Organisation Address. 49960 Esperanza
Organisation Address.
Organisation Address. carson
Organisation Address. 95350
Organisation Address. CA
Organisation Address. UNITED STATES
Admin Email.......... johndaviiis88@yahoo.com
Admin Phone.......... +1.5554843948
Admin Fax............
NOTE THE PHONEY “555” AREA CODE
THERE IS NO 555
NOTE CORRECT URL ABOVE
Identity theft is not just an
unauthorized charge on a credit
card anymore.
Identity theft, according to the
Federal Trade Commission, “occurs
when someone uses your
personally identifying information,
like your name, Social Security
number or credit card number,
without your permission, to commit
fraud or other crimes.”
Types of Identifiers
• Personal:
– Name and Date of Birth
– Social Security Number
– Address and phone numbers
– Driver’s license and passport numbers
– Mother’s maiden name; pet name; etc.

• Financial:
– Credit card numbers (including security codes)
– Bank account numbers
– ATM Card and PIN numbers
– Insurance policy numbers
Official US Gov’t ID THEFT WEBSITE

http://www.ftc.gov/idtheft (redirects)

ftc.gov/idtheft (redirects)
1-877-ID THEFT
FREE
PUBLICATIONS
FROM THE
FEDERAL
TRADE
COMMISSION
FTC.GOV/idtheft
2013 IDENTITY THEFT REPORT
from JAVELIN RESEARCH (2/13)
Identity fraud incidents and amount
stolen increased—The number of identity
fraud incidents increased by one million more
consumers over the past year, and the dollar
amount stolen increased to $21 billion, a
three-year high but still significantly lower
than the all-time high of $47 billion in 2004.
This equates to 1 incident of identity fraud
every 3 seconds.
1 in 4 data breach notification recipients
became a victim of identity fraud—This
year, almost 1 in 4 consumers that received
a data breach letter became a victim of
identity fraud, which is the highest rate since
2010. This underscores the need for
consumers to take all notifications seriously.
Not all breaches are created equal. The
study found consumers who had their Social
Security number compromised in a data
breach were 5 times more likely to be a fraud
victim than an average consumer.
SOURCE: Javelin Research 2/13
DECEMBER 12, 2013

http://www.bjs.gov

16.6 MILLION PEOPLE EXPERIENCED IDENTITY THEFT IN 2012
Financial losses totaled $24.7 billion

WASHINGTON – An estimated 16.6 million people,
representing 7 percent of all persons age 16 or older in the
United States, experienced at least one incident of identity
theft in 2012, the Justice Department’s Bureau of Justice
Statistics (BJS) announced today.
Financial losses due to personal identity theft totaled $24.7
billion, over $10 billion more than the losses attributed to all
other property crimes measured in the National Crime
Victimization Survey. About 14 percent of victims suffered
an out-of-pocket financial loss due to the most recent
incident of identity theft. Of the victims who experienced an
out-of-pocket loss, about half lost $99 or less.
In 2012, the misuse or attempted misuse of an
existing account was the most common type of
identity theft — experienced by 15.3 million
people. An estimated 7.7 million people reported
the fraudulent use of a credit card and 7.5
million reported the fraudulent use of a bank
account such as a debit, checking or savings
account. Another 1.1 million persons had their
information misused to open a new account,
and about 833,600 persons had their information
misused for other fraudulent purposes.
SOURCE: Victims of Identity Theft, 2012
(NCJ 243779)
SOURCE: http://www.bjs.gov/content/pub/pdf/vit12.pdf
SOURCE: FTC

SOURCE: BJS
Arizona, California, Florida, Texas, and Nevada are the top 5 states for Identity Theft

OHIO IS RANKED 29th IN
IDENTITY THEFT

Why are THESE
states in RED? The
answer is “Politically
Incorrect”
SOURCE: FTC
PHISHING
Note the warning in the subject
line of the email below
LINK ABOVE LOOKS AUTHENTIC
NOTE INTERNET ADDRESS IN THE ADDRESS BAR – IT IS LOCATED IN KOREA
WHOSE CREDIT CARD IS IT NOW? WHAT HAPPENS NEXT?
FORWARD TO: spoof@paypal.com
EBAY PHISHING TO STEAL PASSWORDS

LINK ABOVE LOOKS AUTHENTIC
NOTE INTERNET ADDRESS IN THE ADDRESS BAR – IT IS IN INDIA

Forward to: spoof@ebay.com
PHISHING

COMPARE THE LINKS; DOES IT
LOOK SUSPICIOUS?
Now who can access the victims’ information?
This site was registered in Missouri, but hosted in TAIWAN!
Others were hosted in Germany, Mexico, India,
Czechoslovakia, and the Netherlands
LINK ABOVE LOOKS AUTHENTIC

There are only 5 questions that you must answer before you receive your $250 reward.
Once you click to submit your answers you are taken to a page that requests your
personal information along with your credit card number so that they can “credit your
account” the $250 reward.
NOW THE
CYBER CROOK
HAS ALL OF
YOUR
INFORMATION
INCLUDING
CREDIT CARD,
DL, AND
MOTHER’S
MAIDEN NAME.
WHAT CAN HE
DO WITH THIS
INFORMATION?
INCOME TAX PHISHING IS
MOST COMMON AROUND
TAX TIME.
NOTE THAT THIS RUSSIAN
CROOK WOULD HAVE
CREDIT CARD AND PIN
NUMBER

http://www.kotlovka.ru/picnews/help/www.irs.gov
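
The slides show two ways a link is made to look authentic: a misspelled domain (orangesavLngs.com) and a real brand name placed in the path of another site's URL (the kotlovka.ru link above). The Python below is an added example, not part of the original presentation, showing how a mail filter or a careful reader can check which host a link really connects to. The allow-list, the assumed correct spelling orangesavings.com, the www.irs.gov.example.net subdomain case and all function names are illustrative assumptions.

```python
from urllib.parse import urlsplit

# Constructed allow-list for this demo. irs.gov, paypal.com and ebay.com are the
# brands named on the slides; "orangesavings.com" is an ASSUMED correct spelling
# of the name that orangesavLngs.com imitates (the slides show only the fake).
TRUSTED = ("irs.gov", "paypal.com", "ebay.com", "orangesavings.com")


def edit_distance(a, b):
    """Levenshtein distance: single-character edits needed to turn a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def split_url(url):
    """Parse a URL, accepting scheme-less text such as 'ftc.gov/idtheft'."""
    if "://" not in url and not url.startswith("//"):
        url = "//" + url
    return urlsplit(url)


def check_link(url, trusted=TRUSTED, max_typos=2):
    """Report the host a link really points at and why it may be a spoof."""
    parts = split_url(url)
    host = (parts.hostname or "").lower().rstrip(".")

    # Only the host decides where the browser connects. It is trusted when it
    # IS an allow-listed domain or a true subdomain of one.
    if any(host == d or host.endswith("." + d) for d in trusted):
        return {"host": host, "verdict": "trusted", "findings": []}

    findings = []
    # Everything outside the host is free text the sender controls.
    elsewhere = " ".join([parts.username or "", parts.path, parts.query]).lower()
    # Simplification: treat the last two labels as the registered domain
    # (a production check would use the Public Suffix List).
    registrable = ".".join(host.split(".")[-2:])

    for d in trusted:
        if d in elsewhere:
            # e.g. http://www.kotlovka.ru/picnews/help/www.irs.gov
            findings.append(("brand-in-path", d))
        if "." + d + "." in "." + host + ".":
            # e.g. www.irs.gov.example.net: brand used as leading labels only
            findings.append(("brand-in-subdomain", d))
        if 0 < edit_distance(registrable, d) <= max_typos:
            # e.g. orangesavlngs.com, one letter away from the assumed original
            findings.append(("lookalike", d))

    verdict = "suspicious" if findings else "unknown"
    return {"host": host, "verdict": verdict, "findings": findings}


if __name__ == "__main__":
    samples = [
        "http://www.kotlovka.ru/picnews/help/www.irs.gov",  # from the slides
        "http://orangesavLngs.com",                         # from the slides
        "http://www.irs.gov.example.net/refund",            # constructed
        "https://www.irs.gov/refunds",                      # constructed
    ]
    for s in samples:
        print(s, "->", check_link(s))
```
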
Credit Report Example

http://www.annualcreditreport.com
Prevention – Personal Awareness
• Do not give out personal identifier information
over the phone or Internet.
• Stay informed about your personal financial
records with frequent checks of credit history,
bank records, i.e., extra or unknown transactions.
• Limit personal information on necessary public
distribution items (checks, business cards).
• Purchase a home shredder.
• Consider Identity Theft Insurance (controversial).
• PRACTICE “SAFE HEX”
Ira Wilsker
iwilsker@sbcglobal.net

  • 15. SPEAR PHISHING is a similar form of IDENTITY THEFT but the emails are targeted to specific users. Since the cyber crook has the customer information from these companies, they will likely be selling that information or using it to send out millions of SPAM emails that look authentic, appearing to be from real companies where the target victim really has an account. This tends to improve the success rate, with more victims disclosing their personal information.
  • 17. THIS IS THE GENUINE WARNING
  • 18. ALL OF THESE LINKS LOOK REAL, BUT REALLY CONNECT TO A CROOK IN RUSSIA!
  • 19. A MORE TRADITIONAL PHISHING EMAIL
  • 20. NOTE THAT THE CROOK IS ASKING FOR THE DEBIT CARD NUMBER, SECURITY CODE AND PIN NUMBER! THIS WOULD NO LONGER BE YOUR DEBIT CARD, AND YOUR ACCOUNT WILL BE QUICKLY EMPTIED
  • 21. NOTE THE SPELLING IN THE URL… “orangesavLngs.com”
  • 22. Domain Name: ORANGESAVLNGS.COM
        Registrar: MELBOURNE IT, LTD. D/B/A INTERNET NAMES WORLDWIDE
        Whois Server: whois.melbourneit.com
        Referral URL: http://www.melbourneit.com
        Creation Date: 13-jun-2008
        Expiration Date: 13-jun-2009
        Domain Name.......... orangesavlngs.com orangesavLngs.com
        Organisation Name.... John Davis
        Organisation Address. 49960 Esperanza
        Organisation Address.
        Organisation Address. carson
        Organisation Address. 95350
        Organisation Address. CA
        Organisation Address. UNITED STATES
        Admin Email.......... johndaviiis88@yahoo.com
        Admin Phone.......... +1.5554843948
        Admin Fax............
        NOTE THE PHONEY “555” AREA CODE THERE IS NO 555
  • 24. Identity theft is not just an unauthorized charge on a credit card anymore. Identity theft, according to the Federal Trade Commission, “occurs when someone uses your personally identifying information, like your name, Social Security number or credit card number, without your permission, to commit fraud or other crimes.”
  • 25. Types of Identifiers
        • Personal:
            – Name and Date of Birth
            – Social Security Number
            – Address and phone numbers
            – Driver’s license and passport numbers
            – Mother’s maiden name; pet name; etc.
        • Financial:
            – Credit card numbers (including security codes)
            – Bank account numbers
            – ATM Card and PIN numbers
            – Insurance policy numbers
  • 26. Official US Gov’t ID THEFT WEBSITE http://www.ftc.gov/idtheft (redirects)
  • 29. 2013 IDENTITY THEFT REPORT from JAVELIN RESEARCH (2/13) Identity fraud incidents and amount stolen increased—The number of identity fraud incidents increased by one million more consumers over the past year, and the dollar amount stolen increased to $21 billion, a three-year high but still significantly lower than the all-time high of $47 billion in 2004. This equates to 1 incident of identity fraud every 3 seconds.
  • 30. 1 in 4 data breach notification recipients became a victim of identity fraud—This year, almost 1 in 4 consumers that received a data breach letter became a victim of identity fraud, which is the highest rate since 2010. This underscores the need for consumers to take all notifications seriously. Not all breaches are created equal. The study found consumers who had their Social Security number compromised in a data breach were 5 times more likely to be a fraud victim than an average consumer. SOURCE: Javelin Research 2/13
  • 31. DECEMBER 12, 2013 http://www.bjs.gov 16.6 MILLION PEOPLE EXPERIENCED IDENTITY THEFT IN 2012 Financial losses totaled $24.7 billion WASHINGTON – An estimated 16.6 million people, representing 7 percent of all persons age 16 or older in the United States, experienced at least one incident of identity theft in 2012, the Justice Department’s Bureau of Justice Statistics (BJS) announced today. Financial losses due to personal identity theft totaled $24.7 billion, over $10 billion more than the losses attributed to all other property crimes measured in the National Crime Victimization Survey. About 14 percent of victims suffered an out-of-pocket financial loss due to the most recent incident of identity theft. Of the victims who experienced an out-of-pocket loss, about half lost $99 or less.
  • 32. In 2012, the misuse or attempted misuse of an existing account was the most common type of identity theft — experienced by 15.3 million people. An estimated 7.7 million people reported the fraudulent use of a credit card and 7.5 million reported the fraudulent use of a bank account such as a debit, checking or savings account. Another 1.1 million persons had their information misused to open a new account, and about 833,600 persons had their information misused for other fraudulent purposes. SOURCE: Victims of Identity Theft, 2012 (NCJ 243779)
  • 37. Arizona, California, Florida, Texas, and Nevada are the top 5 states for Identity Theft OHIO IS RANKED 29th IN IDENTITY THEFT Why are THESE states in RED? The answer is “Politically Incorrect” SOURCE: FTC
  • 38. PHISHING Note the warning in the subject line of the email below
  • 40. LINK ABOVE LOOKS AUTHENTIC
  • 41. NOTE INTERNET ADDRESS IN THE ADDRESS BAR – IT IS LOCATED IN KOREA
  • 42. WHOSE CREDIT CARD IS IT NOW? WHAT HAPPENS NEXT?
  • 44. EBAY PHISHING TO STEAL PASSWORDS LINK ABOVE LOOKS AUTHENTIC
  • 45. NOTE INTERNET ADDRESS IN THE ADDRESS BAR – IT IS IN INDIA Forward to: spoof@ebay.com
  • 46. PHISHING COMPARE THE LINKS; DOES IT LOOK SUSPICIOUS?
  • 48. Now who can access the victims’ information? This site was registered in Missouri, but hosted in TAIWAN! Others were hosted in Germany, Mexico, India, Czechoslovakia, and the Netherlands
  • 49. LINK ABOVE LOOKS AUTHENTIC There are only 5 questions that you must answer before you receive your $250 reward. Once you click to submit your answers you are taken to a page that requests your personal information along with your credit card number so that they can “credit your account” the $250 reward.
  • 50. NOW THE CYBER CROOK HAS ALL OF YOUR INFORMATION INCLUDING CREDIT CARD, DL, AND MOTHER’S MAIDEN NAME. WHAT CAN HE DO WITH THIS INFORMATION?
  • 51. INCOME TAX PHISHING IS MOST COMMON AROUND TAX TIME. NOTE THAT THIS RUSSIAN CROOK WOULD HAVE CREDIT CARD AND PIN NUMBER http://www.kotlovka.ru/picnews/help/www.irs.gov
  • 53. Prevention – Personal Awareness
        • Do not give out personal identifier information over the phone or Internet.
        • Stay informed about your personal financial records with frequent checks of credit history, bank records, i.e., extra or unknown transactions.
        • Limit personal information on necessary public distribution items (checks, business cards).
        • Purchase a home shredder.
        • Consider Identity Theft Insurance (controversial).
        • PRACTICE “SAFE HEX”
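
The link checks the slides ask readers to do by eye (slides 18, 21, 41 and 51) can be automated on the defender's side. The following is an added example, not part of the original presentation: it flags a link whose visible text names a different site than its real destination, a near-miss spelling of a known brand domain, and a brand hostname buried in the URL path. The brand list, the function names and the visible link texts are assumptions made for illustration; "orangesavings.com" is an assumed correct spelling, since the slides show only the lookalike.

```python
from urllib.parse import urlsplit

# Brand domains to protect. "orangesavings.com" is an ASSUMED legitimate
# spelling; irs.gov and ebay.com are the brands abused in slides 51 and 44.
KNOWN_BRANDS = ["orangesavings.com", "irs.gov", "ebay.com"]

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def registered_domain(host):
    """Naive last-two-labels rule; a production tool would use the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def check_link(shown_text, href):
    """Return warning strings for one e-mail link (visible text plus real target)."""
    warnings = []
    parts = urlsplit(href)
    actual = registered_domain(parts.hostname or "")
    # 1. The visible text is itself a host name, but the link goes elsewhere.
    if " " not in shown_text.strip():
        text = shown_text.strip()
        shown_host = urlsplit(text if "://" in text else "//" + text).hostname or ""
        if "." in shown_host and registered_domain(shown_host) != actual:
            warnings.append("text-shows-%s-but-goes-to-%s"
                            % (registered_domain(shown_host), actual))
    rest = (parts.path + "?" + parts.query).lower()
    for brand in KNOWN_BRANDS:
        if actual == brand:
            continue
        # 2. One or two characters away from a real brand (savLngs vs savings).
        if edit_distance(actual, brand) <= 2:
            warnings.append("lookalike-of-" + brand)
        # 3. Brand host name used as a folder name on an unrelated server.
        if brand in rest:
            warnings.append("brand-in-path-" + brand)
    return warnings

if __name__ == "__main__":
    # Constructed samples: URLs from slides 21 and 51, link texts invented here.
    print(check_link("Sign in", "http://www.orangesavLngs.com/login"))
    print(check_link("www.irs.gov", "http://www.kotlovka.ru/picnews/help/www.irs.gov"))
```
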