Identity Theft and Cell Phones

Recently there have been identity thefts with the use of “credit mules” posing as new or existing cell contract costumers. These posing consumers scammed thousands of free or subsidized phones from AT&T, Verizon, T-Mobile, etc.

According to previous lawsuits, in Taylor, Michigan U.S. Secret Service agents witnessed a few individuals walking with iPhone boxes and cell phone shopping bags into a store run by iBuy Express inc. After leaving the store, the individuals left the store without their boxes and bags. They only came out with loads of money in their pockets. After witnessing this, the agents looked into the store’s garbage and found receipts, bags, and empty boxes from AT&T, Verizon, Apple, Best Buy, and Radioshack. According to the suit, these credit mules scammed subsidized phones by using stolen IDs to sign new 2-year contracts with multiple carriers. This is a type of social engineering where they would pose as a fake customer and use the stolen IDs to gain access on these private phone plans and completely taking control of it.

In my opinion this could be very well achieved by anyone who gains access to cellular data from another individual. They may very well go through your trash and find phone receipts and personal contract information.

Sources: http://www.forbes.com/sites/janetnovack/2013/09/24/id-theft-ring-scammed-thousands-of-cell-phones-from-verizon-att-apple/

Advertisements

Hide Yo’ Kids!

On Saturday, August 17th, a Texas couple walked into a privacy invasion that they never saw coming. After hearing strange noises emitting from their two-year-old’s baby monitor, this couple ventured into their daughter’s room to find a voice yelling sexual and offensive comments at their young child. As if this story couldn’t get creepier, the supposed hacker was able to learn the child’s name from pictures on the wall, and proceeded to use the infant’s name in his insults. When the hacker detected that the parent’s had entered the room, he began to cast similar comments at them until the father was able to unplug the device.

The most puzzling aspect of this whole occurrence was that the father had taken the proper precautions recommended for the protected use of this internet-connected baby monitor. These precautionary measures included establishing passwords for the camera and router, as well as enabling a firewall. Although the parents had done their research and were confident that their purchase was safe, all of their efforts were still not enough.

Contrary to most cyber crime, this act was performed with no attempt for self-gain. Therefore, it is harder to classify this crime from a prosecution standpoint. According to Kevin Smith, an attorney specializing in criminal law, the hacker will likely be charged with, “More 20th century criminal charges like harassment, threatening, voyeurism and risk of injury to a minor.” When it comes to hacking, individuals capable of such actions are virtually able to maneuver around any cyber obstacle if they try hard enough. This ability, when misused, can be terrifying, as can be verified by these two Texas parents. Luckily for their daughter, however, who is hearing deficient, her cochlear implants were turned off during the brutal barrage of insults. It all just goes to show, however, that no internet-connected device is fully-protected, no matter what the product claims.

 

 Dragani, Rachelle. “Hacker Invades Baby Monitor in Texas Home.” TechNewsWorld: All Tech. N.p., n.d. Web. 23 Sept. 2013.

<http://www.technewsworld.com/story/78723.html

Your information is only as secure as who you share it with

Regardless of how secure you are with your information, you are still at risk of identity theft and other fraudulent crimes. Just like a chain is only as strong as it’s weakest link, your information is only as secure as those you share it with.

Terry Zink runs a security blog since 2009 and recently got his corporate credit card information stolen and a $20 charge was placed at a Shell Station in Canada. He rarely used this card as it was his corporate card and was baffled at how the information could have been leaked. Terry ended up retracing his purchases and couldn’t figure out where his information could have been breached. He always had physical access to the card and only used it for business related purchases. So what mistake did he make? Where did he slip up and allow his information to be stolen?

Turns out a week later his debit card was also compromised. Through some detective work he was able to determine that since both cards were compromised within a week they were likely to have been leaked from the same merchant. He ran through prior purchases and determined it was a restaurant he had visited a few months back.

Terry was understandably frustrated. He was inconvenienced, his information stolen, and his privacy was violated. Worse, it was through no fault of his own. His security was up to snuff (hell he runs a security blog), but as Terry found out his information was only as secure as who he had shared it with.

 

http://blogs.msdn.com/b/tzink/archive/2013/05/18/i-don-t-have-to-do-anything-and-my-credit-card-information-gets-breached.aspx

Hide your Webcams!

It sure is fun to Skype with friends online or browse through other video chat websites when you are bored, but what if you are having an intimate moment with someone or browsing certain websites and you do not want anyone to know? Well too bad! Not only might the NSA be watching your dirty actions, but so might hackers through your webcam!

Due to the advancements of technology, people are able to mess around with Flash installed on computers and use CSS/HTML tricks to access a user’s webcam.  This process is called clickjacking, which according to Oxford dictionaries, means the following: “the malicious practice of manipulating a website user’s activity by concealing hyperlinks beneath legitimate clickable content, thereby causing the user to perform actions of which they are unaware”. An example of such action is the hacking of Cassidy Wolf (Miss Teen USA). Cassidy was supposedly spied on by a hacker through her webcam, he threatened to release nude pictures if she did not abide by his commands. More information on this incident can be found in the article titled “Webcam Spying Goes Mainstream as Miss Teen USA Describes Hack.” Another example includes that of a sex offender named Mark Wayne Miller who had created a fake online video chatting profile in order to trick under-age girls into performing sexual activities. He would also hack into their webcams and record them without them or family members knowing. As stated in the article, “He distributed some of the recorded Webcam footage to others”; this of course might lead to images of the underage girls ending up on porn or other related sites.

As you can see by the couple of examples posted, online security is crucial. The world was in shock when Edward Snowden released files that support the notion that the NSA has been and still is spying on U.S citizens and other countries worldwide. Yet, many people are unaware that their webcams can be easily hacked and images transferred to sites and other people. The risks of this happening can be reduced by purchasing a strong anti-virus program, having firewall enabled, having a secured network and disconnecting webcams if possible, if not, by covering them with tape.

Kumparak, Greg. “Smile! Hackers Can Silently Access Your Webcam Right Through The Browser (Again).” TechCrunch RSS. TechCrunch, 13 June 2013. Web. 17 Sept. 2013.

Anderson, Nate. “ArsTechnica.” Ars Technica. Arstechnica, 16 Aug. 2013. Web. 17 Sept. 2013.

Gaudin, Sharon. “InformationWeek: The Business Value of Technology.” InformationWeek. InformationWeek, 12 July 2007. Web. 17 Sept. 2013

 

 

 

Will Obamacare be secure?

I’m sure most people would agree that our health is the most, if not one of the most important aspects in our lives. The information pertaining to it is vital, and extra precautions are to be taken not just seriously, but are obligatory. Any loss or manipulation of data could definitely prove to be irreversible and even fatal.

Well with the new healthcare system that is supposed to take place (The Patient Protection and Affordable Care Act or commonly referred to as ‘Obamacare’), it seems as if it is not fully ready to prepare itself from a scale of threats. Just to illustrate, the article states how the CIO for the Centers for Medicaid and Medicare Services; “…won’t sign off on data security until Sept. 30, one day before health insurance marketplaces are scheduled to open.” This does not sound reassuring, given that this organization will be responsible for running the data hub.  Also, the lack of proper screening and training by those obtaining information from applicants is mentioned to be a prominent concern. Sensitive information like SSN’s will be at the hands of many who may have not gone through adequate screening and can make ways data loss and theft.

What do you think about this, and should it be brought into the public discussion? Identity thieves will always search for ways, but the government and other agencies should hold more accountability for their programs (regardless of which political party or figure is in power).

Levin, Adam. “Politics Aside, Is Obamacare Secure?” The Huffington Post. TheHuffingtonPost.com, 13 Sept. 2013. Web. 17 Sept. 2013.

http://www.huffingtonpost.com/adam-levin/politics-aside-is-obamaca_b_3916387.html?utm_hp_ref=technology&ir=Technology