IDTheft TIP: Avoiding Malware and Related Threats

Posted on January 1, 2011 by adells

Malware and Related Threats

Malware is possibly the most common threat to computer information security. It is a term coined to mean “malicious software.” The term covers threats such as viruses, worms, and Trojan Horses. Spam and phishing are also related threats.

The problem with malware—and sometimes spam and phishing—is that it can be exploited by criminals to gain access to or destroy information stored on computers. As a result, personal information can be stolen and, in some cases, used as a basis for identity theft.

These are very serious threats; therefore, it’s important that you know what they are and how to prevent them. Here are some definitions.

Viruses: A virus is a program that is loaded onto your computer without your knowledge and runs without your permission. Viruses can copy themselves and infect many or all files on a computer. Viruses are usually malicious and can be disguised as email attachments or files on the Internet containing games or useful programs.
Worms: A worm is a form of virus that spreads form computer to computer by creating copies of itself. Typically, works send copies to other computers through network connections, email, infected web pages or instant messages. Worms can be designed to flood networks with traffic, slowing them to a halt. They can also carry malicious software that does other forms of damage.
Trojan Horses: A Trojan Horse is a program that pretends to be useful or desirable but actually contains damaging software.
Spam: Spam is unsolicited email that is usually sent by a commercial enterprise and often is an attempt to sell you something. Spam is annoying, sometimes offensive, but typically not a serious security threat. It can become a huge time waster trying to clean up your email in-box.
Phishing: Phishing is an attempt to steal your identity and commit fraud by sending deceptive email. Never respond to an email even if it seems to come from a familiar source such as your bank or online auction site that you use. Never enter personal information such as your Social Security number, bank account, username or password that would allow the sender to steal your money or your identity.

IDTheft TIP: Email and Internet Best Practices

Posted on December 30, 2010 by adells

How can you protect your system from malware attacks and other threats while using email and the Internet.

Safeguard sensitive data in email and on the Internet. Assume that information you send over the Internet can be read by anyone, and never send sensitive data via email unless you have encryption tools.
Protect your user ID, password, and personal information. Never store passwords, IDs, or credit card information on the Internet, and never share your password information with others.
Control access to your computer. Manually lock your computer when you leave your desk.
Think security before you finish your day. Log off the network and lock your computer at the end of each day. Remember to secure laptops left at work.

IDTheft TIP: Beware of Social Engineering

Posted on December 28, 2010 by adells

Social Engineering

One of the biggest threats to information security is a technique known as “social engineering.” Social engineering involves using a variety of methods to manipulate people into divulging confidential information. Methods most commonly used are dumpster diving, phishing, impersonation, and physical access violations.

EMAILS: Emails are a common device for carrying out social engineering attacks. You might receive an email asking you to go to a Web site and enter account details, which are then sent to the attacker. Or an email might suggest that you download and install a software program, tricking you into opening a virus or divulging personal information.
WHAT YOU CAN DO: It’s easy to create a phony email message that appears legitimate. So unless you’re expecting an email from someone or can confirm that a particular person sent you a message, treat it with extreme caution.
CAMERAS: Modern cell phones include cameras that all an identity thief new access. Be careful about leaving sensitive data in plain view or on whiteboards. The attacker can simply take out a camera phone and start taking pictures.
WHAT YOU CAN DO: Be aware of people using cell phones near any sensitive information.
PHONE CALLS: Phone calls are probably the most common form of impersonation because the attacker faces very little risk of being apprehended.
WHAT YOU CAN DO: If you do not personally know a caller, take the time to verify the person’s identity. Determine if the caller has the appropriate authorization before releasing the requested information. Often a simple call back to the number listed in the company directory can help establish a caller’s identity.

IDTheft TIP: Personally Identifiable Information

Posted on December 27, 2010 by adells

What is Personally Identifiable Information (PII)?

The most basic type of information that must be kept private is known as Personally Identifiable Information (PII).

PII: PII refers to items that can be used to identify, contact, or locate an individual. For example, a driver’s license or credit card may contain many personally identifiable elements, such as the person’s name, address, photograph, and the license number itself.

Non-PII: Non-PII refers to personal and non-personal information that is not linked to an identified individual. For example, a census or survey report might contain the personal information of thousands of people, but it summarizes that information so that the individuals cannot be identified.

Additional PII:
Almost everyone understands the need to safeguard personal information such as account numbers and Social Security numbers. However, you also need to protect other personal information that may not be identifiers alone, but when used in combination with other information, could lead to potential privacy breaches now referred to as Synthetic identity theft.

Here are examples of this type of information:
• Names
• Birthdays
• Zip codes
• Addresses
• Last four digits of Social Security numbers
• Security answer questions, such as your mother’s maiden name, pet’s name, etc.
TIP: Be creative with your security questions.

Don’t forget to secure your home wireless network

Posted on December 14, 2010 by adells

Most people these days have a wireless router in their home to network several computers. It is important that you secure that network so someone else can’t use your network or get your information. Check out this informative article from The Geek Stuff site:

6 Steps to Secure Your Home Wireless Network

by Ramesh Natarajan on August 7, 2008

Most of you might have enabled wireless encryption, which is only one of the 6 steps mentioned in this article to make your wireless network safe and secure from hackers. The screenshots mentioned below are from Linksys wireless router. But, you’ll find similar options for all the 6 steps mentioned below in wireless routers from any other vendors.

>Read the complete instructions for “6 Steps to Secure Your Home Wireless Network”

Identity thieves are getting bold enough to steal a County Jail’s identity

Posted on December 11, 2010 by adells

This is from my smalltown hometown newspaper and shows that identity theft can happen to anyone…anywhere…

Thief steals county jail’s identity, spends $3,100

By COURTNEY SERVAES, Herald Staff Writer

It’s not unusual for the Franklin County Sheriff’s Office to receive reports of identity theft, Undersheriff Steve Lunger said.

It is unusual for those reports to come from the Franklin County jail, however.
“We hear about identity theft on individuals,” Lunger said. “But at county jail is kind of unique.”

That’s what happened between Nov. 15 and Tuesday, when Lunger said someone
used the jail’s bank account information to make more than $3,100 worth
of unauthorized purchases.

Lunger said the theft was discovered when a clerk received the jail bank statement this week. The purchases appear to be personal purchases, and Lunger said the sheriff’s office continues to investigate the incident. He said the sheriff’s office does have a few leads in the case. “We don’t know all the particulars yet,” he said.
Lunger said the sheriff’s office doesn’t believe the thefts to be related to a scam.
“It looks like an intentional act,” he said.

The jail was able to work out an agreement with the bank to retrieve the missing money, he said.

“How to Win Friends and Influence People” Overview

Posted on December 7, 2010 by adells

One of my all-time classic favorite books is “How to Win Friends and Influence People” by Dale Carnegie. Here is a great way to review the highlights of that book as you apply them to your every day life.

Continue reading →

Learn how to permanently delete your account on popular websites

Posted on December 7, 2010 by adells

Facebook, LinkedIn, Twitter, MySpace, Google, eBay, Flikr, Amazon, YouTube, WordPress…and many more…

We all have an increasing number of sites and online services we’re members of, and sometimes it all gets a little overwhelming. At times, we just need to delete our memberships to some sites, either in an effort to simplify our lives or just because we’ve grown tired of a particular site or service.

What we often don’t realize when signing up for all these accounts, though, is how difficult it can be to permanently delete our accounts when we’ve had enough. Some require complicated, multi-step processes that can stretch over the course of days (or weeks). Others take less time, but still require multiple steps by the user.

>Learn how to delete your accounts in this great article by Cameron Chapman at Smashing.com

Nearly Two-Thirds Of Companies Have Been Breached In The Past Year, Study Says

Posted on November 27, 2010 by adells

IT security becoming a higher priority in many organizations, CompTIA reports

By Tim Wilson Nov 17, 2010 | 04:15 PM
Darkreading

Sixty-three percent of U.S. organizations have experienced at least one security incident or breach during the past year, according to a new study released today.

Almost half of the breached organizations classified the situation as “serious” — meaning there was a financial threat, potential damage to the organization’s reputation, or other business-critical problem, according to the Computing Technology Industry Association’s (CompTIA’s) 8th Annual Global Security Trends Study.

Read the complete article from Darkreading

Adell Associates

Positive news and resources to enjoy life!