Friday, May 02, 2008
ABC World News Tonight last night (May 1) did a major report on identity protection. The title of the story by Elisabeth Leamy (link here) was “How identity theft happens and how to protect yourself: most common ways your identity gets stolen and how to fight back.”
The report emphasized physical security dangers in the “bricks and mortar” and paper world. That is, giving credit cards to waiters in restaurants, and skimming at ATM machines, as well as physical dumpster diving (which can also be done virtually with unsecured home and office wireless networks, as recently discussed). The report also discusses hacked shopping sites.
The report on television showed an undercover female reporter chatting with “business people” buying and selling lists of personal identities (social security numbers, addresses, credit and debit cards) on online shopping lists overseas. The chat room sites even had “shopping carts”. Many of these operations are in Russia and Eastern Europe, where the US law enforcement does not have practical reach without diplomatic complications.
Tonight, Friday, May 2, ABC World News Tonight will demonstrate an operation that makes counterfeit debit cards and can drain bank accounts. Apparently this can be done if physical and IT security around ATM's is insufficient. One practical measure for consumers is to limit the amount that can be withdrawn from a debit card in one transaction, in one day, or in one point-of-sale. This would also provide security in case of an armed robbery or kidnapping at an ATM. Any bank will do this upon request. Check this link for the story tonight.
The exact link is this. The story title is "Crooks Have Your Card and You Don't Even Know It; How Thieves Copy Credit and Debit Cards and Drain Accounts," story by Elisabeth Leamy.
A related story by Leamy is "Online Fraud: How to Identify It and Fight Back; Tips on How to Recognize Fraud and Protect Yourself," link here.
Thursday, May 01, 2008
Walter S. Mossberg has a useful column in the “Personal Journal” section of the May 1 Wall Street Journal, p D1, “How to Avoid Cons That Can Lead to Identity Theft.” The link is here.
Much of his advice is familiar. For example, banks and financial institutions never ask for information by email, so don’t click on links that purport to be from banks and ask for updates or corrections. The same goes for ISP’s (like AOL, and even some other ones have been spoofed in the past few months), who may warn visitors that their accounts have been deactivated, when they haven’t been (that’s easy to check).
Another is to be wary of unsolicited offers of spurious software, such as anti-virus software, especially when it comes from unknown companies or seems to have little explanation. This has been a problem with spam placed in comments on blogs, so offers in blog comments should be viewed with great suspicion, particularly when they bear no relation to the substance of the blog.
He mentions special viewing software such as Microsoft’s Silverlight or Adobe’s Flash. This should be downloaded only from the original vendor, not with an unrelated offer. Microsoft will ask visitors to download Silverlight to look at the Front Page replacement Expression Web.
He also says that there is no inherent reason why Apple Mac is safer than the PC Microsoft world (or anything else like Linux on a PC) other than the popularity of Microsoft as a target. Phishing scams can come on any machine, and now they sometimes show up in cell phone text messages (smishing).