Posts tagged "identity theft expert"
Recently, I was asked to do a segment for The Rachael Ray Show that demonstrated very visually how many audience members face immediate identity theft risks. Watching them move across the stage as we exposed two or three common sources of identity theft was remarkable. Once we had experienced the numbers, we ventured into the house of one of Rachael’s audience members to see how to mitigate the risk. Watch the video to see if you would have joined the “at risk” group, or read the transcript below:
Rachael: We had the audience stand back here because we all carry several items on any given day, EVERY given day, that put us at risk. So John, you’re going to weed out our audience so we can all learn in how many areas we are seriously at risk if we have certain items on us, correct?
It’s no surprise that identity theft once again tops the “Dirty Dozen” tax scams put forth by the IRS for 2014. They warn that if an identity thief has access to your personal information, such as your name, Social Security number or other identifying information, he or she may use it to fraudulently file a tax return and claim a refund in your name. Think of the implications for the 110 million victims of the recent Target data breach as well as victims of the hundreds of other breaches at other retailers, universities, healthcare providers, government agencies and so on.
KrebsOnSecurity reports that the information from the Target breach alone has reportedly flooded underground black markets and cards are being sold from around $20 to more than $100 each. This data is being sold in hundreds of online “stores” advertised in cybercrime forums. A fraud analyst at a major bank was able to buy a portion of the bank’s accounts from such a store.
Self-censorship on Facebook
Do you ever delete the words you type on Facebook before you hit post?
Have you ever started to type a status update that you thought was hilarious…until you realized your boss might not appreciate your 8th-grade humor? So what’d you do? You quickly hit the delete key and watched your comment disappear forever, right? Not exactly.
What if you are ready to make a snarky comment to Greg, the upperclass jerk who stole your high school girlfriend (and is about to get a divorce, ha ha), but decide to take the high road just before hitting the “post” button and instead, wish him well on his pending journey of love (despite the fact that it’s bound to fail)?
No harm done, right? You never hit the post button, so no one ever saw it! Well, it turns out that’s not quite how it works in Facebook Land.
I’ve had dozens of media requests for interviews and countless more email inquiries from people concerned about the Target data breach. At first, everyone just wanted to know details of how it happened, how big the breach was, and what they should do about it if their credit cards were at risk. Now that the initial shock of it is over, we are on to a bigger question:
How do we keep breach from negatively affecting so many Americans?
Breach will always happen. If it’s digital, it’s hackable. It’s coming to light that the Target breach may have been due to the computer access an HVAC WORKER (no, not an entire company, an individual WORKER) had to Target’s systems. While there is no guaranteed way of preventing fraud, there is a pretty reliable answer out there, and it’s been around for decades. That answer is for the US to finally catch up to more than 80 countries around the world and start using chip and PIN enabled credit cards, also known as EMV, smart cards, or microchip cards.
Biometrics are like passwords, but worse.
Biometrics are like passwords that you leave everywhere (fingerprints, facial recognition, voice patterns), except that unlike passwords, you can’t change them when they’re lost or stolen. It’s easy to change your password, a bit harder to get a new retina. Like passwords, risk goes up as they are stored globally (in the cloud) versus locally (on a physical device).
In addition to the biometrics mentioned above that most of us have come to accept as commonplace, there are many other methods in use or under exploration:
- hand geometry
- vascular pattern recognition (analyzing vein patterns)
- iris scans
- signature geometry (not just the look of the signature, but the pen pressure, signature speed, etc.)
- gait analysis
- heartbeat signatures