Home | Solutions Blog | Identity Theft Prevention
Latest "Identity Theft Prevention" Posts
Everybody wants your data. Why? Because it’s profitable, it’s relatively easy to access and the resulting crime is almost impossible to trace. Take, for example, Sony PlayStation Network, Citigroup, Epsilon, RSA, Lockheed and several other businesses that have watched helplessly in the past months as more than 100 million customer records have been breached, ringing up billions in recovery costs and reputation damage. You have so much to lose.
To scammers, your employees’ Facebook profiles are like a user’s manual about how to manipulate their trust and steal your intellectual property. To competitors, your business is one poorly secured smartphone from handing over the recipe to your secret sauce. And to the data spies sitting near you at Starbucks, you are one unencrypted wireless connection away from wishing you had taken the steps in this two-part article.
Posted in Burning Questions (Video), Cyber Data Security, Fraud Detection & Prevention, Identity Theft Prevention, Online Privacy, Video Tips by Identity Theft Speaker John Sileo.
Tags: "Data Privacy", "Identity Theft, Business Security, data security, Fraud, information, John Sileo, Keynote, Prevention, Privacy, Protection, Security, social engineering, Speaker, Technology
Businesses often make social engineering (or fraud) training boring! And that’s bad for your bottom line, because no one ends up remembering how to protect your organization against threats like data theft, corporate espionage or social networking exposure.
Too often, fraud and social engineering workshops cover just the concepts that define fraud rather than the feelings that signal it’s actually in process at the moment. The key to training your executives, employees and even customers on fraud is to let them experience what it feels like to be conned. In other words, they need to actually be socially engineered (manipulated into giving away their own private information) several times throughout the training so that they begin to reflexively sense fraud as it is happening. Like learning to throw a ball, there is no substitute for doing it for yourself. Fraud detection is similar; it takes actually doing it (or having it done to you) to fully understand the warning signs. Anything less will leave your audience yawning and uneducated.
Posted in Burning Questions (Video), Cyber Data Security, Fraud Detection & Prevention, Identity Theft Prevention, Video Tips by Identity Theft Speaker John Sileo.
Tags: Detection Fraud, Engineering Social, Fraud Detection, Fraud Expert, Fraud Speaker, Fraud Training, identity theft expert, John Sileo, Keynote Speaker, professional speaker, social engineering, social engineering expert, Training Fraud
Victim of a Cyber Attack? What You Should Tell Customers
It seems like every day consumers are learning of data breeches from companies like Sega, Sony and Google. Major corporations like these tend to have the funds and resources to recover from an attack, but for small businesses, that’s often not the case.
A slow response and lack of communication with customers are among the missteps many small businesses make when facing an attack, both of which can cause irreparable damage to the business.
“When consumers are a victim of ID fraud based on interaction with a small business, 1 in 3 never come back,” said Phil Blank, senior analyst for security and fraud at Javelin Strategy & Research.
Posted in Cyber Data Security, Fraud Detection & Prevention, Identity Theft Prevention by Identity Theft Speaker John Sileo.
Tags: Business Fraud, Citibank, Citigroup, Data Breach, Expert, Fox, Identity Theft Prevention, john, PlayStation, Sileo, Sony
Everybody wants your data, especially when you are in the business of meetings. Your data doesn’t just have a high face value (e.g., the attendee data, including credit card numbers that you collect and store in your online registration system), it also has a high resale value .
Here is how the theft is most often committed in your industry:
- Competitors hire one of your employees and they leave with a thumb drive full of confidential files, including client lists, personally identifying information on talent and employees, financial performance data, etc.
- Social engineers (con artists) mine your employee’s Facebook profiles to gain a heightened level of trust which allows them to manipulate your human assets
- Cyber criminals hack your lax computer network or sniff the unprotected wireless connections you and your employees use while traveling (Starbucks, hotels, airports).
Posted in Cyber Data Security, Fraud Detection & Prevention, Identity Theft Prevention, Online Privacy by Identity Theft Speaker John Sileo.
Tags: Conference Speaker, Conferences, CSAE, data security, Data Security Expert, Identity Theft Speaker, John Sileo, Keynote Speaker, meeting planners, Meeting Professionals, Meeting Security, Meetings, Meetings Industry, MPI, Privacy, Security, SGMP, Society of Government Meeting Professionals
I just finished delivering a keynote speech for the Society of Government Meeting Professionals (SGMP) at their annual convention on identity theft and protecting data in the meetings industry. Data security is a top concern in this industry because it is probably one of the most highly-targeted groups for identity theft, social media fraud, data breach and social engineering. Here’s why:
- Meeting professionals collect, store and transmit massive amounts of private data on attendees
- Data theft risk skyrockets when travel is involved, which is a frequent occurrence for meeting planners and professionals
- Meeting professionals are busy nearly 24 hours a day once they are onsite for the conference or meeting, meaning that they are highly distracted
- A single data breach of attendee data can put the organization responsible for the event out of business due to excessive costs and tight compliance regulations
Posted in Cyber Data Security, Fraud Detection & Prevention, Identity Theft Prevention, Online Privacy by Identity Theft Speaker John Sileo.
Tags: Conference Speaker, Conferences, CSAE, data security, Data Security Expert, Identity Theft Speaker, John Sileo, Keynote Speaker, meeting planners, Meeting Professionals, Meeting Security, Meetings, Meetings Industry, MPI, Privacy, Security, SGMP, Society of Government Meeting Professionals
This week’s news of the theft of private data comes from Citigroup. Seems that even the most reputable organizations can be exposed to the ever-more frequent data breaches we read about. You’ll likely recall the recent news of Sony, PBS, Epsilon and Lockheed Martin. Regrettably, the list is growing by the day. It affects me, and likely, it affects you. Now what?
First, arm yourself with the facts. See the attached articles.
- http://blogs.wsj.com/deals/2011/06/09/citigroup-data-breach-4-tips-to-protect-yourself/
- http://www.reuters.com/article/2011/06/09/us-citi-idUSTRE7580TM20110609
- http://www.informationweek.com/news/181502068
Second, remember to protect your most important data (this information, on its own, or in any combination, is a jackpot to an identity thief):
- Social Security number
- Date of birth
- PIN
- Credit Card numbers
- Bank Account numbers
- Birthdate
Third, never reply to an e-mail requesting personal information. Unless you originate the communication, suspect the worst and do not respond. This is referred to as “Phishing” and the results are never good.
Posted in Cyber Data Security, Identity Theft Prevention by Identity Theft Speaker John Sileo.
Tags: breach, Citi, Citibank, Citigroup, Credit Cards, Expert, Identity Theft Prevention, John Sileo
We can be as patriotic as we want to be, but today, the US lags behind other countries in credit card technology and consumer safety. Our current-day magnetic-strip technology is archaic compared to the chip-embedded cards of our European counterparts. Though some larger US retailers are offering support of the “smart-chip” cards, a mandate for their use (and greater protection for the consumer) is down the road. (Click here for the original story on NPR).
According to Andrea Rock, a senior editor at Consumer Reports who wrote an article about the security gap in the credit card industry (emphasis mine):
“The account information that’s needed to make a transaction on American cards is stored, unencrypted, on a magnetic stripe on the back of each card,”
And that means, until the industry changes, you are at risk. In the mean time, here are a few steps you can take to increase your security:
Posted in Cyber Data Security, Fraud Detection & Prevention, Identity Theft Prevention by Identity Theft Speaker John Sileo.
Tags: Credit Card, encryption, europe, Fraud, Identity Theft Prevention, John Sileo, magnetic strip, safety, Security, U.S., US
I love Canadian accountants because not only are they some of the warmest people I have met (I speak on identity theft quite a bit in Canada), but they are incredibly eager to learn how to avoid some of the data security mistakes that we have made in the U.S. As accountants, they provide a ton of vital financial advice to their clients, and I can easily see them sharing some of the data security best practices I talked about during the presentation and getting paid well by their clients to do it. And here’s how I could tell their level of absorption: after the speech, they had a slew of detailed follow-up questions. They were curious. You can always tell someone’s intention to act and make changes by their clarification questions. No questions, no interest, no intent to act. Definitely not what I experienced in the charming town of Winnipeg.
Posted in Identity Theft Prevention, Video Tips by Identity Theft Speaker John Sileo.
Tags: Accountants, Canada, Expert, ICAM, Identity Theft Prevention, Institute of Canadian Accountants, John Sileo, Manitoba, Speaker
Dropbox is a brilliant cloud based service (i.e., your data stored on someone else’s server) that automatically backs up your files and simultaneously keep the most current version on all of your computing devices (Mac and Windows, laptops, workstations, servers, tablets and smartphones). It is highly efficient for giving you access to everything from everywhere while maintaining an off-site backup copy of every version of every document.
And like anything with that much power, there are risks. Using this type of syncing and backup service without understanding the risks and rewards is like driving a Ducati motorcycle without peering into the crystal ball of accidents that take the lives of bikers every year. If you are going to ride the machine, know your limits.
This week, Dropbox appears to have altered their user agreement (without any notice to its users), making it a FAR LESS SECURE SERVICE. Initially, their privacy policy stated:
Posted in Cyber Data Security, Fraud Detection & Prevention, Identity Theft Prevention by Identity Theft Speaker John Sileo.
Tags: Cloud, Cloud Computing, Data Breach, data security, Dropbox, Education, Identity Theft Prevention, John Sileo, Privacy Policy, Security, Seminar, Speaker, Terms of Service, training, Workshop
