Tag Archives: identity theft

Do YOU Trust Companies with Your Personal Data?

20 Apr

We know that there have been incidents of stolen data around the world. These are involuntary hacks of our personal information. So, how do we feel about voluntarily sharing our information with companies? Many of us are rather reluctant to share more personal data due to concerns about identity theft, access to private information, and more.

As reported by eMarketer:

“A Pew Research Center report published in January 2017 found that only 14% of US consumers felt ‘very confident’ about entrusting companies/retailers with their data. Almost the exact same number said they were not at all confident.”

 

 

Ransomware: A NOT So Humorous Look

15 Feb

As we’ve reported before, the ransomware threat has many negative effects. Ransomware “is malware. The hackers demand payment, often via Bitcoin or prepaid credit card, from victims in order to regain access to an infected device and the data stored on it.” [Ransomware: The Smart Person’s Guide, by James Sanders]

How pervasive is the threat of ransomware in our everyday lives? Check out this rather scary cartoon from Joy of Tech. It was inspired by the recently published Ransomware: Defending Against Digital Extortion by Allan Liska and Timothy Gallo! [Click the image for a larger version of the cartoon.]
 

 

Avoid Risky Password Behavior

5 Oct

Do you have only one password for all accounts? Do you use only lower-case letters in your passwords? Do you enter your password when the URL begins with http (rather than https)? If you answered yes to one or more of these questions, you are leaving yourself wide open to identity theft and the hacking of your personal information.

For years, we’ve been writing about password safety–including providing many tips. [See, for example: 1, 2, 3, 4.] Today, let us consider WHY you might still exhibiting risky password behavior.

Recently, Help Net Security described “The Psychological Reasons Behind Risky Password Practices.” Here are a few of the conclusions:

 


 

“When it comes to online security, personality type does not inform behavior, but it does reveal how consumers rationalize poor password habits. Among key findings around personality types and online behavior, nearly half of respondents who identify as a Type A personality did not believe that they are at an increased risk by reusing passwords because of their own proactive efforts, which implies their behavior stems from their need to be in control.”

“In contrast, more than half of respondents who identify as a Type B personality believe they need to limit their online accounts and activities due to fear of a password breach. By convincing themselves that their accounts are of little value to hackers, they are able to maintain their casual, laid-back attitude towards password security. This suggests that while personality types didn’t factor into the end result of poor password habits, it does provide insight around why people behave this way.”

 

 

“’Developing poor password habits is a universal problem affecting users of any age, gender, or personality type,’ says Joe Siegrist, VP and GM of LastPass. ‘Most users admit to understanding the risks but continue to repeat the behavior despite knowing they’re leaving sensitive information vulnerable to potential hackers. In order to establish more effective defenses, we need to better understand why individuals act a certain way online and a system that makes it easier for the average user to better manage their password behavior.”

 

Ransomware: Even Worse Than the Name Implies

30 Aug

The term “ransom” has been around for hundreds of years and is best described as a way to redeem someone from captivity, bondage, detention, etc., by paying a demanded price.

Today, we have another destructive variation of the word ransom — that is “ransomware.” What is it and what can we do about it?

TechRepublic recently produced Ransomware: The Smart Person’s Guide, written by James Sanders. This is an executive summary quoted from the guide:

  • What is it? Ransomware is malware. The hackers demand payment, often via Bitcoin or prepaid credit card, from victims in order to regain access to an infected device and the data stored on it.
  • Why does it matter? Because of the ease of deploying ransomware, criminal organizations are increasingly relying on such attacks to generate profits.
  • Who does this affect? While home users have traditionally been the targets, healthcare and the public sector have been targeted with increasing frequency. Enterprises are more likely to have deep pockets from which to extract a ransom.
  • When is this happening? Ransomware has been an active and ongoing threat since September 2013.
  • How do I protect myself from a ransomware attack? A variety of tools developed in collaboration with law enforcement and security firms are available to decrypt your computer.

Sanders adds: “For those who have been infected, the No More Ransom project — a collaboration between Europol, the Dutch National Police, Kaspersky Lab, and Intel Security — provides decryption tools for many widespread ransomware types.


 
Here are a couple of informative infographics by LogRhythm:



 

More Bad News on Our Privacy

9 Jun

As we have noted several times (see, for example, 1, 2, 3, 4, 5, 6), the hacking and theft of people’s vital information remains quite rampant around the globe, despite some technological advances.

To show how bad the situation is, consider this recent Russian example reported by Eric Auchaud for Reuters:

“Hundreds of millions of hacked user names and passwords for E-mail accounts and other Web sites are being traded in Russia’s criminal underworld, a security expert told Reuters. The discovery of 272.3 million stolen accounts included a majority of users of Mail.ru, Russia’s most popular E-mail service, and smaller fractions of Google, Yahoo, and Microsoft E-mail users, said Alex Holden, founder and chief information security officer of Hold Security. It is one of the biggest stashes of stolen credentials to be uncovered since cyber attacks hit major U.S. banks and retailers two years ago.”

“The latest discovery came after Hold Security researchers found a young Russian hacker bragging in an online forum that he had collected and was ready to give away a far larger number of stolen credentials that ended up totaling 1.17 billion records. After eliminating duplicates, Holden said, the cache contained nearly 57 million Mail.ru accounts — a big chunk of the 64 million monthly active E-mail users Mail.ru said it had at the end of last year. It also included tens of millions of credentials for the world’s three big E-mail providers, Gmail, Microsoft, and Yahoo, plus hundreds of thousands of accounts at German and Chinese E-mail providers.”

 
Click the image to access a video clip featuring Auchard.
 
Reuters TV
 

Can You Pass This Online Privacy and Social Media Security Quiz?

1 Mar

See how well you do on this quiz. Protect yourself online.

How many questions did you get right?
 

 

Video Tips About How to Be Safer Online

28 Dec

Although it’s nearly possible to totally protect ourselves against identity theft and an invasion of our online privacy by hackers, there are several things that we can do to make it tougher for hackers to get into our online accounts and social media.

How big is this problem? Take a look a look at this chart on cyber crime based on November 2015 data generated by Hackmageddon. Cyber attacks on U.S. sites dwarf those in the rest of the world.


 
Watch the two videos highlighted below. Can YOU pass the quiz in the second video?
 

 

%d bloggers like this: