Blog

CyberScout is the nation’s premier consultative provider of identity and data risk management, resolution and education services.

Social Security numbers too precious to risk

Social Security numbers too precious to risk
September 29, 2015

sh_protected Social Security_750

A congressman wants to fight identity theft by keeping Social Security numbers off many federal tax forms. Rep. Vern Buchanan, R-Fla., introduced the Taxpayer Identity Protection Act, which would let companies use an alternative to the Social Security number on the W-2 tax form, issued to every employee earning at least $600 a year. “This bipartisan, common-sense measure will protect Americans from identity fraud by limiting the use of Social Security numbers on the most popular tax forms, including the W-2,” said Buchanan, who sits on the House Ways and Means Committee, the panel that writes U.S. tax code. Digital thieves earlier this year accessed the IRS computer network to steal more than 300,000 taxpayer’s returns. Source: The Hill

All’s well that ends badly for thief

sh_tax audit_280Federal authorities say a 15-year sentence concludes a $24 million scheme in which 10 women from Alabama and Georgia stole more than 9,000 identities from the U.S. Army, several Alabama state agencies and Georgia companies and used them to defraud the government through falsified tax returns. Keisha Lanier, who was prosecuted as the ringleader by the U.S. Attorney’s Office, was sentenced to 15 years in prison and ordered to forfeit $5,811,406. From January 2011 to December 2013, Lanier and her co-defendants filed more than 9,000 false individual federal income tax returns that claimed more than $24 million in fraudulent claims for tax refunds, according to information in court documents and at the sentencing hearings. The IRS paid out close to $10 million in refunds on these fraudulent claims. Source: The Montgomery (Ala.) Advertiser

Health breach may be coming home to roost

Police in Batavia, N.Y., say identity theft complaints have been coming in that might be connected to the Excellus Blue Cross Blue Shield cyber attack. Excellus announced the breach on Sept. 9, saying sensitive information such as Social Security numbers could have been compromised for about 10 million people. The Batavia Police Department is working with Excellus BlueCross BlueShield to determine if these cases could be related to the data breach. Source: CNYCentral

What cybersecurity labor shortage?

sh_hiring_280The cybersecurity labor shortage has corporations and governments scrambling to fill more than a million new positions in the next few years. But there may be more cybersecurity people than we think. “There are more than 1 million cyber pros in the U.S. alone” says Mark Aiello, president at Cyber 360, a cybersecurity staffing firm. “However, this is very difficult to quantify because it is such a new labor category that accurate records cannot be kept. There are no standard job titles and many cyber pros wear multiple hats. They sometimes don’t self-identify as cyber pros.” Frost & Sullivan predicted that by 2015 the number of information security professionals would increase to more than 1.6 million, and to more than 2 million by 2017, in the Americas alone. The cyber labor shortage is largely defined by the companies and HR managers who say they can’t find qualified people. Aiello’s take on the situation is a little different. He says that competition is fierce, but you can find the people. “We invest all of our time in going where they (cyber pros) go and doing what they do. We attend industry events and conferences,” Aiello says. Source: Forbes

Bigger than the drug threat

A former top fraud detective with the City of London police warns that cyber crime is more of a threat to the country than the illegal drug trade. Steve Head, who resigned this month as the U.K.’s national coordinator for economic crime, challenged the concept that crime in Britain was dropping. He also warned of an increase in the number of foreign criminals targeting people and companies in the U.K. Fraud detectives believe that about 3 million cyber and fraud offenses go unreported each year. Police investigate fewer than one in 100 reported frauds. “Because there is this hidden element to cyber crime, we are not having a sensible debate about it because we do not understand what a huge threat it is. I don’t believe crime is falling, but criminals have moved to embrace the Internet,” Head stated. Source: SC magazine

Gender gap still widening

sh_gender gapWomen account for one in 10 cybersecurity professionals, as the gender gap widened over two years in a male-dominated field with a drastic work-force shortage, a survey showed. ISC2, the largest organization that certifies cyber professionals, said that a poll of nearly 14,000 information security professionals in developed countries found that 10 percent were women, down from 11 percent two years ago, said ISC2 official Elise Yacobellis. One reason for concern is a talent shortage. ISC2 reported earlier this year that 62 percent of respondents said their organizations did not have enough security professionals. “We have a huge work-force shortage. If we brought more women into this field, I believe that gap would lessen,” Yacobellis said. Source: Reuters

No, Facebook won’t charge you for privacy

Is Facebook going to start charging users to keep their posts private? In a word: no. A Facebook hoax has begun making the rounds (again) leading some users to think that Facebook is going to start charging for photos and other content. Some have posted the following message on their timelines: “Due to the fact that Facebook has chosen to involve software that will allow the theft of my personal information, I state: at this date of January 4, 2015, in response to the new guidelines of Facebook, pursuant to articles L.111, 112 and 113 of the code of intellectual property, I declare that my rights are attached to all my personal data drawings, paintings, photos, video, texts etc. published on my profile and my page. For commercial use of the foregoing my written consent is required at all times.” The hoax has been exposed several times, so there is no need to post a “legal notice” on your wall to protect your copyright and privacy rights. Source: CBS

Microsoft exec defends Windows 10

sh_Windows 10_280Since Windows 10 made its debut in July, there have been reports about how Microsoft is using its new operating system to covertly collect data about its customers. Microsoft has been accused of lacking transparency in how it logs your keystrokes, shares access to your Wi-Fi network, uses your Internet connection to help other Windows 10 customers download updates, and forbids you from turning off all information sharing. Monday, Microsoft delivered its first comprehensive response. In a blog post, Windows chief Terry Myerson acknowledged that Windows 10 is collecting personal information about customers to enable some of its best features, including the Cortana virtual assistant. It also collects information about your computer’s performance to detect and correct potential bugs. But he said Windows 10 users have the ability to control what information they share with Microsoft. “We’re learning how to explain all this to customers,” Myerson said. “Our privacy principles are good … now we need to keep listening and learning.” Source: CNN

Hold on there, that’s not what we meant

Salesforce has made a public reversal over its perceived stance on the controversial CISA legislation making its way through Congress, after finding itself on the receiving end of threats of a boycott from privacy advocates. Salesforce added its signature to a letter from the Business Software Alliance urging “prompt House and Senate action” on “Cyber Threat Information Sharing Legislation.” It was interpreted as support for CISA—the Cybersecurity Information Sharing Act of 2015. CISA is pitched as an information-sharing device to put in place incentives to encourage sharing of threats among businesses and with government agencies. According to the BSA letter, “Cyber Threat Information Sharing Legislation will promote cybersecurity and protect sensitive information by enabling private actors in possession of information about vulnerability and intrusions to more easily share that information voluntarily with others under threat, thus enabling the development of better solutions faster.” That wording fired up the nonprofit Fight for the Future, which launched a campaign generating more than 23,000 emails targeted at the letter’s signatories. In a statement, the signatory to the letter Salesforce’s Chief Legal Officer Burke Norton confirmed: “At Salesforce, trust is our number one value, and nothing is more important to our company than the privacy of our customers’ data. Contrary to reports, Salesforce does not support CISA and has never supported CISA.” Source: Diginomica

You better watch out, FBI says

sh_wire transfer_280The FBI has issued a renewed warning about what it calls the Business Email Compromise, a scam being used against companies that use wire transfers for payments of bills of foreign suppliers. The scam generally starts with socially engineered phishing, which occurs when someone gets an email that lures a person into downloading an attachment with malware or clicking on a link that downloads malware. In one version of the Business Email Compromise scam, the bad guys steal information through the malware that enables them to appear to be an executive with the targeted company or a third-party vendor of the company who instructs someone to wire money to a bank account purporting to be for a third-party vendor with which the targeted company has a business relationship. In this case, the wired funds may then go through several money laundering transfers before ending up at banks in China or Hong Kong, according to the FBI. Source: USA Today

 

The post Social Security numbers too precious to risk appeared first on Third Certainty.

Offer 24/7 CyberScout Protection

CyberScout's partnership options help you safeguard the identity and privacy of your policyholders, customers, members and employees. Discover how a customized program can help build brand loyalty, customer retention, and quickly generate long-term recurring revenue.

Get Started