IRS Strikes Again – IP PIN Epic Fail

irs-logoWe wrote last year about how the IRS and their Get Transcript service was instrumental in helping identity thieves file fraudulent tax returns for big refunds.  The problem was that the IRS used static user identity information that was available elsewhere online.  They promised to fix this security problem, but have not.  This year, many users of the IP PIN  system that was supposed to harden security ...

Continue Reading →
0

Phishing and Spearphishing – Don’t Take The Bait!

Phishing HookHere’s a provocative statement:  If you could just prevent your staff for clicking on links or opening attachments in phishing emails, 95% of your cybersecurity problems would be prevented.

As perimeter defenses and anti-malware software products have become more effective, cyber-attackers have turned to the phishing email approach as their number one favorite method for acquiring user names and passwords or gaining unauthorized access to computers on your network.   The spearphishing ...

Continue Reading →
0

What Is Social Engineering?

social-engineeringThis should really be called “anti-social” engineering.  A good definition is “social engineering is a non-technical method of intrusion hackers use that relies heavily on human interaction and often involves tricking people into breaking normal security procedures. It is one of the greatest threats that organizations today encounter.”

My article on Wednesday will give an example of phone based social engineering – the fake tech support call. ...

Continue Reading →
0

Password Tips for 2016

password1Passwords – Is mine strong enough?  How do I know?  Every time I write a password article I feel as if this subject has already been done to death by me and others.  But I always get more positive feedback on this subject than others I consider more interesting, so we offer the following suggestions:

  • Use different passwords for personal and work systems.  That way ...
Continue Reading →
0

Tips From FBI To Lower Your Online Profile

ic3I am getting posts from the FBI and the Internet Crime Complaint Center (IC3), and received this interesting warning on November 18th of last year.  This warning was sent to law enforcement and public officials, but if you have come to the point in your life were you are feeling a bit overexposed on the Internet, these tips can help you too.

For some of us, a few of these suggestions are ...

Continue Reading →
0

Lower Your Online Profile

anonymous-avatarHappy New Year!  This week we are going to investigate ways that we can recover some of our personal privacy and enhance the our security our online lives.

Let’s face it, many of us have been running amok on the Internet, busily sharing all sorts of personal information on Facebook, Twitter, LinkedIn, Pinterest, Snapchat, and who knows where else.  Every time we buy something online, ...

Continue Reading →
0

Comcast Subscribers: Change Your Password

comcastAccording to a post on Sophos, Comcast has reset the passwords on 200,000 customers after a security researcher discovered an advertisement on the Dark Web offering to sell 500,000 Comcast passwords in pain text for $1000 in BitCoin.  Investigation by Comcast found that “only” 200,000 of there accounts were active and proactively reset the passwords on all the affected accounts.  Comcast ...

Continue Reading →
0

What To Do When Your Personal Information Is Breached

penetration_test_436x270We recently learned that credit report service Experian had a breach of T-Mobile customer information.  This is just another addition to the pile of Personally Identifying Information (PII) that has been exfiltrated from sundry organizations including the Office of Personnel Management, various BlueCross BlueShield organizations, and Harvard University.

So what to do when this happens to you?  When you are notified by the offending ...

Continue Reading →
0
Page 4 of 5 12345