Holiday Shopping Tips

This holiday season the FBI reminds shoppers that cyber criminals aggressively create new ways to steal money and personal information. Scammers use many techniques to fool potential victims, including conducting fraudulent auction sales, reshipping merchandise purchased with stolen credit cards, and selling fraudulent or stolen gift cards through auction sites at discounted prices.

Google Issuing Fix For Latest Android Vulnerability

Google has been issuing updates since last week to its Android platform to fix one of two recently revealed vulnerabilities that could allow an attacker to install applications on a phone without the explicit permission of the smartphone user.

PCI Data Security Standard Version 2.0 Released

The PCI Security Standards Council (PCI SSC), a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) requirements and the Payment Application Data Security Standard (PA-DSS), today released version 2.0 of the PCI DSS and PA-DSS. Reflecting input from the Council’s global stakeholders, this latest version is designed to provide greater clarity and flexibility to facilitate improved understanding of the requirements and eased implementation for merchants. Version 2.0 becomes effective on January 1, 2011.

Consumer Advisory: Continued Work from Home Scams

Consumers continue to lose money from work-from-home scams that assist cyber criminals move stolen funds. Worse yet, due to their deliberate or unknowing participation in the scams, these individuals may face criminal charges.

Skimming Attacks Net $500,000 a Month

Analysts at Gartner Research are warning that card fraudsters are engaging in a type of skimming that is netting some groups $500,000 a month. Rather than manufacturing phony cards on a one-to-one basis from the skimmed information, these groups are manufacturing multiple cards for each account, then having money mules make nearly simultaneous withdrawals in separate cities.

Fraud Advisory: Corporate Account Take Over

Fraud advisory: Cyber criminals are targeting the financial accounts of owners and employees of small and medium sized businesses, resulting in significant business disruption and substantial monetary losses due to fraudulent transfers from these accounts. Often these funds may not be recovered.

What’s in YOUR Trash Can?

We have had a great response concerning our security awareness “poster” concerning strong passwords! We thank you for that. In fact, we have had several requests for additional ones from several people.

Are You the Weakest Link?

I just got off the phone with Dan after he spent the last couple of days at the Indiana Bankers Association’s IT Security Conference. He said it went great! Lots of good information and wonderful speakers. Long story short: I’m a multi-tasker. So, while discussing the conference, I needed something to do to fill that multi-tasking gap (I couldn’t work on the IT Audit report and listen to him at the same time). This is what I did…

Telephone Calls Claiming to Be From the FDIC

The Federal Deposit Insurance Corporation (FDIC) has received numerous reports of suspicious telephone calls where the caller claims to represent the FDIC and is calling regarding the collection of an outstanding debt.

To date, the callers have alleged that the call recipient is delinquent in payment of a loan that was applied for over the Internet or made through a payday lender. The loan may or may not actually exist. The caller attempts to authenticate the claim by providing sensitive personal information, such as name, Social Security number, and date of birth, supposedly taken from the loan application. The recipient is then strongly urged to make a payment over the phone to “avoid a lawsuit and possible arrest.” In some instances, the caller is said to sound aggressive and threatening.

AITP’s Fall Conference and IT Expo

As an Indiana-based Information Security firm, we work to help other Indiana-based organizations in their efforts to deliver relevant technology and leadership education, research and information on current business and technology issues. That is the mission of one such organization: The Association of Information Technology Professionals (AITP). As such, it is our pleasure to assist them in announcing their Fall Conference and IT Expo that will hosted by the East Central Indiana Chapter [Muncie, Indiana].