In the News: Job Seekers Susceptible to Scams

Job SearchJob seekers can be stressed, desperate, eager, and excited all at the same time. Having a mix of emotions can be distracting, which makes job seekers susceptible to thieves who are waiting to take advantage of them. If you or someone you know is looking for a job, they need to be on alert for scams.

Current job seekers make themselves targets for scams and identity thieves by posting personal information on public job sites. Job seekers should make sure their information is only posted to sites with privacy policies and legitimacy, as well as limit the amount of personal information that is public.

Thieves will also tempt job seekers into giving away personal information through fake job listings on public sites or through direct email. Sophisticated scammers will pretend to be a contact from a legitimate company by changing their address to slightly mimic the company. For example, a legitimate business could be called xyz and have an email domain of @xyz.com. The scammer could send an email from account that has @xy-z.com or @xzy.com to fool the job seeker.

Most scammers will ask for bank account information, a copy of a utility bill, or a background check application (all of which include personal and sensitive information). Some scammers ask job seekers to pay for software requirements, credit reports, training sessions, and so on by wire transfers or asking for your credit information.

To help you stay alert and avoid falling victim to identity theft or scams, review these tips:

  • Never include your bank account number, driver’s license number, date of birth, Social Security number, or credit card numbers on your resume
  • Only post your information to legitimate and secure job sites and track the companies you have applied for jobs at so you know who you should expect communications from
  • Watch out for vague job requirements and job description posted or discussed during interview that anyone could qualify for
  • Always verify the legitimacy of a company
  • Look for unprofessional emails that include misspelling, grammar mistakes, punctuation errors, etc. or emails that come from a personal email account and/or do not include contact information
  • Be wary of online interviews via Yahoo Instant Messenger, many scammers use this method
  • Remember, if the job seems too good to be true, it’s probably fake
Source: http://jobsearch.about.com/od/jobsearchscams/a/top-10-internet-job-scams.htm

 

Do You Know Who Your Friends Are? Risky Social Media Habits Leave Millions Vulnerable to Identity Theft

NetworkBy: Christian Lees

Amid high-profile data breaches and identity fraud claiming a new victim every two seconds, a staggering number of Americans are engaging in risky social media behaviors that are increasing their vulnerability to identity theft, according to a national survey conducted by InfoArmor, which helps companies and individuals detect and manage emerging fraud.

The survey, designed to uncover the biggest myths and risks of social media use, revealed that nearly four out of five social media users indicated that half of their connections are not true friends.

A friend used to be a close, trusted source, but in social media, this moniker extends to casual acquaintances and to friends of friends who we may know very little, but with whom so much is shared. This is one reason why social media users are twice as likely to fall victim to identity theft.

While 59 percent of respondents say they would classify fewer than half of their contacts as true friends; 41 percent will “friend” a user based on a mutual connection.

The sheer volume of intimate information – names, pictures, emails, birthdates, work histories, family details – we share with people we don’t know is contradictory, considering that our single most common fear of social media is falling victim to identity theft. The study revealed that nearly 40 percent of respondents post three times per week and 20 percent post daily. Those under the age of 30 typically divulge the most information — including tagging “friends” in posts without their consent, sharing their work history and other highly personal information, posting photos while on a vacation, and even giving out their email, home address and more.

Privacy settings are providing a false sense of security. Respondents indicated a high degree of familiarity with privacy settings, but more than 40 percent of users rarely or never check their privacy settings. This increases to half among males. And, nearly half of users never clean out their followers or friends lists.

Social sites are constantly evolving their security policies and settings, so the onus is on the user to stay vigilant about security settings and who is in their social circles. With the copious amount of data social users sharing about their personal lives living online in perpetuity, the true impact of not utilizing privacy settings is unknown.

Although obtaining identity protection services is the strongest form of defense, here are some of the most important activities a user can independently undertake to protect their identity online:

  1. Live online like a biography, not a diary. Post only benign information.
  2. Check privacy settings frequently, especially after updates are released by social networks. The onus is on the consumer to utilize available tools to protect themselves
  3. Understand the short- and long-term risks of posting personal information. What ends up online can never truly be erased.
  4. Lead through example and teach children and teens not to overshare and take ownership of their personal information online.

With nearly 20 years in the information security industry, Christian Lees is chief technology officer and chief information security officer at InfoArmor. Click here to connect with Christian on LinkedIn.

In the News: How the IRS became a Victim

Data Hacker

The IRS recently announced cyber criminals were able to steal information from over 100,000 Americans’ tax returns. The thieves created phony returns and stole refunds by completing a multiple-factor authentication process including private data and non-identity information (e.g. social websites). As information-based crimes are on the rise, it is important to understand where criminals are retrieving this information. Below are five probable ways criminals obtained sensitive information:

  1. Purchasing personally identifiable information on the Dark Web
  2. Phishing attacks where criminals obtain information by tricking you into providing your information to a site that looks like a trusted company, but the URL is slightly different
  3. Obtaining information through your social networking sites and cookies to easily answer security questions on other websites
  4. Hacking and data breaches
  5. Inside sources (e.g. employees)

For details on how to fight back read more of ABC News article or call us at 800.789.2720

Source: ABC News

Protecting Your Privacy: Card Skimming

Recent inciCard Skimmingdents have highlighted the dangers of card skimming crimes. Card skimming occurs when a device is installed on card readers such as ATMs or gas pumps. Once installed it copies your card information while hidden cameras or viewers take note of the pin you enter.

To avoid becoming a victim of card skimming:

  • Look for signs that the ATM or gas pump has been tampered with —hanging wires, nuts or bolts that are out of place, etc.
  • Look for similarities of the card reader compared to the entire ATM or gas pump—color, plastic, etc.
  • If your card is not going into the machine smoothly, alert the bank right away
  • Check your bank and credit accounts regularly and report any suspicious activity
  • Check your InfoArmor Portal regularly for alerts, credit information, and tips
Source: NBC News

Secure Yourself with Two-Step Authentication

Password SecurityAs data breaches are increasing and thieves are finding more ways to hack into systems and accounts, it is more important than ever to take necessary steps to protect yourself.

One way to prevent unauthorized access is to create complex passwords that include multiple characters, numbers, and symbols.

Furthermore, some systems and applications are now allowing you to set up two-factor authentication to prevent unauthorized access to your account.

Two-step authentication will better protect you by requiring a second piece of information, after you have entered your password into their system. Two-factor authentication is made up of a memorized password (the knowledge

factor) and a second piece of information that you have (the possession factor). A popular two-step authentication is a real-time text message with a unique code that is only sent to the owner of the phone and account. You are extra secure if you have a passcode for your phone too!

Although it may seem tedious to access your account with two-steps, it’s better than having your account hijacked or breached!

Mario Aguilar has provided a list of popular providers who currently have two-factor authentication implemented into their systems. Some of these companies include: Apple, Yahoo!, Dropbox, Google, PayPal, banks and more. Click here for more information on two-factor authentication and how to step it up on accounts.

Source: http://gizmodo.com/its-time-to-enable-two-step-authentication-on-everythin-1646242605

CyberWars: HR Professional’s Role in Our New Reality

When it comes to privacy protection, 2014 was a year of contradiction. The number of data breaches in the United States hit a record 783 – up more than 27 percent from the previous year – while 3 percent fewer individuals were victimized by identity fraud during the same period of time.

While the drop in individual cases of identity fraud could be construed as a positive sign, it is certainly no reason to celebrate. Some 12.7 million Americans were robbed of their personal information in 2014 and security concerns are mounting among corporate executives. It’s because even firms with the most sophisticated ID departments are no match for savvy hackers whose potential to wipe out computer servers, files and employee records is real – and growing.

HR and benefits professionals can play an important role in defending their clients against this 21st-century crime by understanding the depth and breadth of the problem, along with ways to safeguard both personal and company information.

Cyber Attacks on the Rise

The numbers are staggering. On average, individuals victimized by identity theft pay $201 in remediation, while organizations pay an astounding $5.9 million. What’s more, business profits can plummet by as much as $3.2 million because of cyber-crimes.

That’s just what happened to Anthem – the latest company to be hit as part of the growing wave of cyber-attacks.

But numbers alone don’t tell the story. In a just-released commentary, our own Drew Smith explains the impact of identity fraud on employee productivity and hacked companies’ reputations.

Despite ID fraud’s meteoric rise, he says individuals and companies can fight back.

Read the full article here.

For more information about InfoArmor’s Identity Protection visit our website.

 

InfoArmor_Year of the Breach

 

Companies Are Tracking Employees to Nab Traitors

BossWatchingCompanies are increasingly becoming aware that their employees can become significant threats to their organization. While most threats come out of innocent actions by employees, some acts are deliberate attempts to compromise a company’s security.

In an effort to identify threats and their sources, employers are engaging firms which can provide monitoring services on employee activity that could potentially cause harm and disruption to the company.

This type of monitoring involves looking at employees’ email patterns and work habits, especially given that many crimes are initiated by cyber thieves who have access to employee email or credentials.

The software-based technology involved identified activities (e.g., logs in, program usage, company databases access and external websites browses) that seem out of the normal pattern of work.

While this may seem a little Orwellian, companies are faced with needing to delicately balance data protection with maintaining employee confidence and protecting their assets.

Companies that offer this technology stress that the programs have safeguards built in to protect employee privacy. This is a new era of constant breaches and cybersecurity concerns and companies are turning to innovation to help them find solutions.

Bloomberg Business recently posted an article about the issue: http://www.bloomberg.com/news/articles/2015-03-12/companies-are-tracking-employees-to-nab-traitors

Premera Blue Cross Data Breach

medicalAnother medical insurance company, Premera Blue Cross has become the victim of a data breach  beginning on May 5, 2014. Although the company did not learn about the breach until January 29, 2015, it is believed that close to 11 million Premera Blue Cross members, employees, and partners could be impacted. The information that could be exposed includes date of birth, Social Security number, mailing and email addresses, phone numbers, medical records, and potentially bank account and claims data. It is believed that this breach may have connections to the January Anthem breach that potentially impacted 80 million subscribers. Premera Blue Cross has announced they will only be contacting victims via mail only to protect against phishing scams.

What You Can Do:

If you are an InfoArmor identity protection subscriber, rest assured that we are protecting your information. We are continuously monitoring subscriber information for unusual behavior and misuse. If their information was misused during this or any other hacking attempt, we will alert them as soon as we detect suspicious activity.

  1. Review this PDF on proactive steps to protect against a data breach.
  2. Enroll in InfoArmor’s identity protection if you have not already. Reach out to your HR department or benefit broker if you are unsure of the link to do so. You can also call our customer service at (800) 789-2720 if you need additional help.
  3. Stay updated about the scope of the breach; if your company or employee information was exposed, Premera Blue Cross will be required to send out a breach notification letter with information on their free credit monitoring program. Please understand that credit monitoring only protects your credit and highlights fraud after the damage has been done and it is on your credit report. InfoArmor’s identity protection can proactively detect fraud sometimes as it is happening. Our coverage goes beyond credit monitoring alone to provide broader coverage than credit monitoring.

It is important to protect your identity, especially in uncertain times when data breaches are occurring often.

USA Today: ID theft top consumer complaint – again

The Federal Trade Commission has revealed that once again consumers’ number one complaint in 2014 was identity theft. Certainly with all of the breaches and cyberattacks that have been in the news over the last year – from Home Depot and Chase to Sony and now Anthem – this may not come as a surprise.

What is more interesting are the statistics behind the announcement. This is the 15th consecutive year in which identity theft has led the list of consumer complaints, and of the nearly 2.6 million recorded complaints; over 332,000, representing 13 percent of responses, were identity fraud- related.

Complaint Categories

 

Consumers are rightly concerned about privacy and ID issues in light of the breaches, as those whose information is exposed are three times more likely to experience ID theft.

According to Javelin Strategy & Research, which produces an in-depth report on identity theft issues, $16 Billion was stolen from 12.7 million identity fraud victims in 2014. What’s more, an identity was stolen every two seconds in the last year.

The types of cybercrime that occur are as varied as credit and financial fraud to medical identity theft. When costs and remediation time to restore your credit and identity are factored into the equation, the issue warrants even more attention.

Consumers can do something to protect themselves, and this starts with aligning with an identity protection firm, ideally one which utilizes credit, deep internet, social media, and financial and medical monitoring.

There’s no doubt that 2015 will see more breaches and more cases of ID theft, and the likelihood isthat the number one consumer complaint will again be identity related. Don’t let one of these complaints be yours; take the time now to safeguard your identity.

USA Today shared more about the recent FTC report: http://www.usatoday.com/story/money/2015/02/27/ftc-top-complaints-2014/24115309/