Browse > Home /

Americans Are Complacent About Online Data Breaches

November 1, 2016

Users of email, social networks, and other online services are aware of possible dangers that data breaches cause, but surprisingly are less concerned about it in 2016, a survey reveals.

Observer recently published a report titled Fears of the Web’s Dark Side—Strangely—Are Not Growing, which reveals:

People’s fears about their email being hacked have receded somewhat since 2014, bizarrely. Across the 1,071 Americans surveyed, that particular worry receded from 69 to 71 percent.

The survey commissioned by Craigconnects also reveals that online users are no longer very concerned about their data getting leaked online that may be used for identity theft; despite large scale breaches like Ashley Madison. Users, as the survey points out have accepted it as a trade-off for the convenience of Internet.

The reason for the complacency setting in probably lies in the fact that people have realized:

The business of social media company is built upon gathering as much information as possible about users and using that information to sell ads,” Michael W. Wellman, CEO of Virgil Security wrote the Observer in an email. “If the service is free, it’s the user that’s being sold.

Nearly 7 percent Americans are victims of identity theft. This, however, has not dissuaded them from taking precautionary measures to protect their identity online. Most users are aware that identity theft can be used for stealing money from bank accounts, but there are other dangers as well. For instance, prescription medication can be obtained legally using details of an identity theft victim. And then there are uses of the stolen data that only Dark Web actors know where such data of millions of victims is available for few hundred dollars.

Vishal Ingole November 1, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, News, Security, Social Media, Technology | Comments Off on Americans Are Complacent About Online Data Breaches 

Demand for British Passports Surge on Dark Web Post Brexit

October 17, 2016

Freedom of Information Act request submitted by British general insurer Esure reveals that 270,000 British passports have been reported missing so far in 2016. A tiny percentage of these passports are for sale on Dark Web for a premium.

In an article by Jennifer Baker titled Dark Web awash with pricey British passports after UK vote for Brexitstates:

The value of a fake British passport has increased by six percent since the vote in favor of Brexit, and is predicted to rise further if rules on European Union freedom of movement change

Each passport is being sold for around $3,360 and upwards in Bitcoin or its equivalent. Restriction of movement across borders from the European Union to the United Kingdom is considered to be the primary reason for the surge in demand for British passports.

While the asking price for smaller EU nation passports remains tepid on Dark Web, experts are warning that instances of British passport thefts will increase by 20 percent next year.

The offline and online black market for British passports is estimated to be around $57 million a year. According to Ms Baker:

The most common hotspots for passport theft included bars and restaurants (14 percent), the beach (14 percent), busy streets (14 percent) and hotel rooms (13 percent). However, it isn’t just overseas as one in five (19 percent) of people reported a passport being stolen from their own homes.

A stolen passport can be used without any hassles till it is reported lost or stolen, and Brexit rules come into force. Even after being reported, the passport can still be used for identity theft and other online scams. Can there be a better way to curb this practice of identity theft, Brexit or not?

Vishal Ingole, October 17, 2016
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, Government, Legal matters, News, Security | Comments Off on Demand for British Passports Surge on Dark Web Post Brexit 

Cybercriminal Talent Recruitment Moves Swiftly on the Dark Web

April 8, 2016

No matter the industry, it’s tough to recruit and keep talent. As the Skills shortage hits hackers published by Infosecurity Magazine reports, cybercriminals are no exception. Research conducted by Digital Shadows shows an application process exists not entirely dissimilar from that of tradition careers. The jobs include malware writers, exploit developers, and botnet operators. The article explains how Dark Web talent is recruited,

“This includes job ads on forums or boards, and weeding out people with no legitimate technical skills. The research found that the recruitment process often requires strong due diligence to ensure that the proper candidates come through the process. Speaking to Infosecurity, Digital

Shadows’ Vice President of Strategy Rick Holland said that in the untrusted environment of the attacker, reputation is as significant as in the online world and if someone does a bad job, then script kiddies and those who have inflated their abilities will be called out.”

One key difference cited is the hiring timeline; the Dark Web moves quickly. As you might imagine, apparently only a short window of opportunity to cash in stolen credit cards. The sense of urgency related to many Dark Web activities suggests speedier cybersecurity solutions are on the scene. As cybercrime-as-a-service expands, criminals’ efforts and attacks will only be swifter.

 

Megan Feil, April 8, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, News, Search, Security, Technology, Web Services | Comments Off on Cybercriminal Talent Recruitment Moves Swiftly on the Dark Web 

Stolen Online Account Info Now More Valuable than Stolen Credit Card Details

March 2, 2016

You should be aware that criminals are now less interested in your credit cards and other “personally identifiable information” and more keen on exploiting your online accounts. As security firm Tripwire informs us in their State of Security blog, “Stolen Uber, PayPal Accounts More Coveted than Credit Cards on the Dark Web.” Writer Maritza Santillan explains:

“The price of these stolen identifiers on the underground marketplace, or ‘the Dark Web,’ shows the value of credit cards has declined in the last year, according to security firm Trend Micro. Last week, stolen Uber account information could be found on underground marketplaces for an average of $3.78 per account, while personally identifiable information, such as Social Security Numbers or dates of birth, ranged from $1 to $3.30 on average – down from $4 per record in 2014, reported CNBC. Furthermore, PayPal accounts – with a guaranteed balance of $500 –were found to have an average selling price of $6.43. Facebook logins sold for an average of $3.02, while Netflix credentials sold for about 76 cents. By contrast, U.S.-issued credit card information, which is sold in bundles, was listed for no more than 22 cents each, said CNBC.”

The article goes on to describe a few ways criminals can leverage these accounts, like booking Uber “ghost rides,” or assembling personal details for a very thorough identity theft. Pros say the trend means service providers to pay closer attention to usage patterns, and to beef up their authentication processes. Specifically, says Forrester’s Andras Cser, it is time to move beyond passwords; instead, he proposes, companies should look for changes in biometric data, like phone position and finger pressure, which would be communicated back to them by our mobile devices. So we’re about to be even more closely monitored by the companies we give our money to. All for our own good, of course.

 

Cynthia Murrell, March 2, 2016

Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Dark Web, Financial, News, Security, Technology | Comments Off on Stolen Online Account Info Now More Valuable than Stolen Credit Card Details 

New Credit Card Feature Prevents Fraud

December 28, 2015

December is lauded as the most wonderful time due to that warm, fuzzy feeling and also because retail chains across the world will be operating in the black at the end of the year.  Online shopping has shown record sales this year, especially since shoppers do not want to deal with crowds and limited stock.  Shopping online allows them to shop from the convenience of their homes, have items delivered to their front door, and find great deals.  Retail chains are not the only ones who love the holidays.  Cyber criminals also enjoy this season, because people are less concerned with their persona information.  Credit card and bank account numbers are tossed around without regard, creating ample game for identity theft.

While credit card companies have created more ways to protect consumers, such as the new microchip in cards, third party security companies have also created ways to protect consumers.  Tender Armor is a security company with a simple and brilliant fraud prevention solution.

On the back of every credit card is a security code that is meant to protect the consumer, but it has its drawbacks.  Tender Armor created a CVVPlus service that operates on the same principle as the security code, except of having the same code, it rotates on daily basis.  Without the daily code, the credit card is useless.  If a thief gets a hold of your personal information, Tender Armor’s CVVPlus immediately notifies you to take action.   It is ingenious in its simplicity.

Tender Armor made this informative animated to explain how CVVPlus works: Tender Armor: CVVPlus.

In order to use Tender Armor, you must pay for an additional service on your credit card.  With the increased risk in identity theft, it is worth the extra few bucks.

 

Whitney Grace, December 28, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Customer support, ECommerce, News, Search, Security | Comments Off on New Credit Card Feature Prevents Fraud 

Facebook Number One Security Compromiser         

August 18, 2015

While Facebook is a good way for a company to engage with clients and even “humanize” the business, according to Zerofox’s article, “Cisco: Facebook Scams Are Attackers’ #1 Choice For Breaches” Facebook is the number way for a criminal to learn about organization and hack into its system.  Cisco conducted a 2015 Midyear Security Report that researches how cyber criminals are exploiting social media to their own advantage.

The article describes potential targets as easy and click-happy:

Facebook’s 1.49 billion monthly active users make it the world’s largest nation-state, used by 70% of American each day. It is, for better or worse, a nation without borders. Adversaries exploit the social media giant for its sheer size and trusted nature, making it the medium of choice for both inexperienced and sophisticated network hackers alike. For the adversary, the barriers to entry have never been lower, and the targets have never been more trusting and click-happy.”

Other security organizations confirm the findings and some of it comes from people simply being too trusting such as accepting friend requests from unfamiliar people.  McAfee discovered that employees became cybercrime victims on social media over other business applications.

While Facebook might be the number one platform to attract criminals.  Twitter is used to attack government organizations and other popular platforms are also dealing with loads of fake profiles.  It does not come as a surprise, considering Facebook is now the “Walt-Mart” of social media information.  What types of scams are people falling victim too?  Is it just stolen passwords and information or are they giving their personal information away?

Whitney Grace, August 18, 2015
Sponsored by ArnoldIT.com, publisher of the CyberOSINT monograph

Written by Stephen E. Arnold · Filed Under Data, Facebook, News, Profile, Social Media | Comments Off on Facebook Number One Security Compromiser          

  • Archives

  • Recent Posts

  • Meta