The IRS recently announced cyber criminals were able to steal information from over 100,000 Americans’ tax returns. The thieves created phony returns and stole refunds by completing a multiple-factor authentication process including private data and non-identity information (e.g. social websites). As information-based crimes are on the rise, it is important to understand where criminals are retrieving this information. Below are five probable ways criminals obtained sensitive information:
- Purchasing personally identifiable information on the Dark Web
- Phishing attacks where criminals obtain information by tricking you into providing your information to a site that looks like a trusted company, but the URL is slightly different
- Obtaining information through your social networking sites and cookies to easily answer security questions on other websites
- Hacking and data breaches
- Inside sources (e.g. employees)
For details on how to fight back read more of ABC News article or call us at 800.789.2720
Source: ABC News
Recent incidents have highlighted the dangers of card skimming crimes. Card skimming occurs when a device is installed on card readers such as ATMs or gas pumps. Once installed it copies your card information while hidden cameras or viewers take note of the pin you enter.
To avoid becoming a victim of card skimming:
- Look for signs that the ATM or gas pump has been tampered with —hanging wires, nuts or bolts that are out of place, etc.
- Look for similarities of the card reader compared to the entire ATM or gas pump—color, plastic, etc.
- If your card is not going into the machine smoothly, alert the bank right away
- Check your bank and credit accounts regularly and report any suspicious activity
- Check your InfoArmor Portal regularly for alerts, credit information, and tips
Source: NBC News
As data breaches are increasing and thieves are finding more ways to hack into systems and accounts, it is more important than ever to take necessary steps to protect yourself.
One way to prevent unauthorized access is to create complex passwords that include multiple characters, numbers, and symbols.
Furthermore, some systems and applications are now allowing you to set up two-factor authentication to prevent unauthorized access to your account.
Two-step authentication will better protect you by requiring a second piece of information, after you have entered your password into their system. Two-factor authentication is made up of a memorized password (the knowledge
factor) and a second piece of information that you have (the possession factor). A popular two-step authentication is a real-time text message with a unique code that is only sent to the owner of the phone and account. You are extra secure if you have a passcode for your phone too!
Although it may seem tedious to access your account with two-steps, it’s better than having your account hijacked or breached!
Mario Aguilar has provided a list of popular providers who currently have two-factor authentication implemented into their systems. Some of these companies include: Apple, Yahoo!, Dropbox, Google, PayPal, banks and more. Click here for more information on two-factor authentication and how to step it up on accounts.
When it comes to privacy protection, 2014 was a year of contradiction. The number of data breaches in the United States hit a record 783 – up more than 27 percent from the previous year – while 3 percent fewer individuals were victimized by identity fraud during the same period of time.
While the drop in individual cases of identity fraud could be construed as a positive sign, it is certainly no reason to celebrate. Some 12.7 million Americans were robbed of their personal information in 2014 and security concerns are mounting among corporate executives. It’s because even firms with the most sophisticated ID departments are no match for savvy hackers whose potential to wipe out computer servers, files and employee records is real – and growing.
HR and benefits professionals can play an important role in defending their clients against this 21st-century crime by understanding the depth and breadth of the problem, along with ways to safeguard both personal and company information.
The numbers are staggering. On average, individuals victimized by identity theft pay $201 in remediation, while organizations pay an astounding $5.9 million. What’s more, business profits can plummet by as much as $3.2 million because of cyber-crimes.
That’s just what happened to Anthem – the latest company to be hit as part of the growing wave of cyber-attacks.
But numbers alone don’t tell the story. In a just-released commentary, our own Drew Smith explains the impact of identity fraud on employee productivity and hacked companies’ reputations.
Despite ID fraud’s meteoric rise, he says individuals and companies can fight back.
Read the full article here.
For more information about InfoArmor’s Identity Protection visit our website.
Companies are increasingly becoming aware that their employees can become significant threats to their organization. While most threats come out of innocent actions by employees, some acts are deliberate attempts to compromise a company’s security.
In an effort to identify threats and their sources, employers are engaging firms which can provide monitoring services on employee activity that could potentially cause harm and disruption to the company.
This type of monitoring involves looking at employees’ email patterns and work habits, especially given that many crimes are initiated by cyber thieves who have access to employee email or credentials.
The software-based technology involved identified activities (e.g., logs in, program usage, company databases access and external websites browses) that seem out of the normal pattern of work.
While this may seem a little Orwellian, companies are faced with needing to delicately balance data protection with maintaining employee confidence and protecting their assets.
Companies that offer this technology stress that the programs have safeguards built in to protect employee privacy. This is a new era of constant breaches and cybersecurity concerns and companies are turning to innovation to help them find solutions.
Bloomberg Business recently posted an article about the issue: http://www.bloomberg.com/news/articles/2015-03-12/companies-are-tracking-employees-to-nab-traitors
Another medical insurance company, Premera Blue Cross has become the victim of a data breach beginning on May 5, 2014. Although the company did not learn about the breach until January 29, 2015, it is believed that close to 11 million Premera Blue Cross members, employees, and partners could be impacted. The information that could be exposed includes date of birth, Social Security number, mailing and email addresses, phone numbers, medical records, and potentially bank account and claims data. It is believed that this breach may have connections to the January Anthem breach that potentially impacted 80 million subscribers. Premera Blue Cross has announced they will only be contacting victims via mail only to protect against phishing scams.
What You Can Do:
If you are an InfoArmor identity protection subscriber, rest assured that we are protecting your information. We are continuously monitoring subscriber information for unusual behavior and misuse. If their information was misused during this or any other hacking attempt, we will alert them as soon as we detect suspicious activity.
- Review this PDF on proactive steps to protect against a data breach.
- Enroll in InfoArmor’s identity protection if you have not already. Reach out to your HR department or benefit broker if you are unsure of the link to do so. You can also call our customer service at (800) 789-2720 if you need additional help.
- Stay updated about the scope of the breach; if your company or employee information was exposed, Premera Blue Cross will be required to send out a breach notification letter with information on their free credit monitoring program. Please understand that credit monitoring only protects your credit and highlights fraud after the damage has been done and it is on your credit report. InfoArmor’s identity protection can proactively detect fraud sometimes as it is happening. Our coverage goes beyond credit monitoring alone to provide broader coverage than credit monitoring.
It is important to protect your identity, especially in uncertain times when data breaches are occurring often.