Is your data lost?

Recent disclosures from the Information Commissioner’s Office reveal alarming statistics concerning data breaches in the UK. This information was issued under a request to the Freedom of Information Act showing a tenfold increase in data breaches in the past five years. The only good aspects of this report show that organizations are reporting many more breaches.

Tero Pollanen, international fraud prevention specialist has been preaching the importance of being aware of the dangers of data breaches as well as prevention. The word is getting out as demonstrated by ICO statistics that awareness of legal requirements of an organization to secure information and imposing large fines of companies that “lose” information is precipitating positive change. The telecom sector has seen a decrease in the number of data breaches over the past five years.

The ICO offers a wealth of support and guidance to organizations across the UK. New data suggests the both the health service and government sectors are also responding to positive change and are now expected to report serious breaches involving sensitive data and/or large volumes of personal data to the ICO. Mr. Tero Pollanen reminds us both to be vigilant and to encourage additional sectors to work with the ICO in reducing data breaches.

Ref.: Ref.: http://www.bbc.co.uk/news/technology-19424197
Tero Pollanen Website

Hey…That’s Not Me!

“There must be some mistake. I just put money into my account this morning,” argues the customer in the check-out line. Yes, you are right about a mistake, but not in the way you thought. “The mistake,” says Tero Pollanen, international internet fraud specialist,  is “complacency.”

Identity fraud is on the increase, up 5% in the last 6 months of 2011 and up

9% from 2010. It now accounts for 50% of all fraud crimes. Identity fraud on a personal level is extremely disruptive to one’s life and can take years to repair the damage to credit ratings. It is up to the individual to convince the financial institutions that new credit files are incorrect.

Phishing scams are everywhere in addition to new and smart ways in which crooks can dupe unsuspecting victims into handing over their financial information. Criminal gangs work by setting up web sites pretending to be the victims’ financial institution. An email requesting “your annual update” sends the unsuspected to the phony site. Another method is a phone call “from the institution” requesting updates or even pin numbers.

As in any crime prevention, we must be aware of how we may become a target. Good common sense is always the first line of defense. Don’t be complacent to the point where it cannot happen to me.  It can: be aware!

Ref.: http://online.wsj.com/article/SB10000872396390444508504577593243972975650.html

Low-Tech Crime Syndicate Hits Big

Basically with over the counter technology, an Eastern European Crime Syndicate opportunist scored big on an Australian business netting one half million credit cards. This attack could result in $25 million in fraudulent transactions.  It is suspected that this is the same group that hacked US Subway Restaurant back in December of 2011 and that they continue to move into other countries using their opportunist methods.

“it is difficult to imagine,”  says Tero Pollanen, international fraud prevention specialist, “with all the publicity and warnings about these kind of activities, that companies still continue to take the attitude that it cannot happen to me.”  In the long run, you get what you do not pay for as a result.

The attack by this syndicate was neither massive in scale or complex and did not involver super hi-tech hackers.  They are simply opportunists seeking vulnerabilities in systems.  As the investigators in this case stated, “the network was set up by <people> that did not understand IT security and…that it was an accident waiting to happen.”

Ref.: http://www.itnews.com.au/News/312068,half-a-million-credit-cards-stolen-from-aussie-business.aspx

Take me to your leader!

As children we are taught certain mores and ethics which are generally agreed upon by consensus. We develop and grow up under the basic guidelines of these values.  We have respect: mutual respect for each other as well as respect for institutions such our schools, police, and banks. What could be more important than those we grant the responsibility to handle our finances, our investments, our retirement? In fact we grow to expect even a higher level of moral values in those we hold in such esteem.

However as we move into the reality of today, it seems we are witnessing an exponential increase in the decay and breakdown of these values and what we viewed as rock solid institutions.  Tero Pollanen, a well known financial anti fraud specialist says, “Welcome to the reality show! We can talk about economic crisis; we can discuss Libor; the fixing of artificially high interbank lending rates which affects every transaction we make even on an individual basis. But, if we stop just for a breather we are hit with the realization that this goes much deeper.”  We are talking fraudulent and criminal activity from the top and thus a new perspective on the “tickle down theory” whose verbage defined the 1980’s. What we are actually facing today is a leadership crisis.  What needs to happen is twofold: (1) Fraud needs to be criminally prosecuted and, (2) and white collar crime needs to be deemed as no longer profitable.

It seems today that leaders, or those in positions of leadership whom once had as integral a higher standard of values have lost all credibility and thus respect. Are we to remain apathetic about this? Again Mr. Pollanen asserts “If appropriate action is not taken from the top, corruption will only continue to proliferate.” Is there any doubt as we witness breakdown in the educational system as to why this occurs?  Is this the torch we wish to pass onto the next generation?  What will you tell YOUR children?

Ref.: http://www.dailymail.co.uk/debate/article-2168286/Fraud-greed-We-crisis-leadership.html?ito=feeds-newsxml

Malware Disguised as Smartphone Apps

Online security experts this week warned that a growing number of malwares are being disguised as seemingly innocent smartphone apps. The malware can send costly messages on the devices without the owner being aware, warn experts. The scams work away in the back-end of smartphones, sending expensive messages and making calls to premium-rate numbers. No evidence shows in the messages folder or call history, so the user is unable to tell what is going on.

GetSafeOnline.org, an internet security initiative, tells that the messages can be sent as regularly as once a minute, costing as much as £6 each. As the user is unaware of the rogue app, for most victims the first instance they realise what’s been going on is when they receive an astronomical bill. Rik Ferguson, of Trend Micro, warns: ‘The user won’t know this is taking place, even if they happen to be using the device at the same time, as the activity takes place within the device’s “back end” infrastructure. This can often continue for weeks before being noticed.’

So why are people downloading the app? According to Tero Pollanen, an online security expert: “the malware is disguised as something else. Often as an add-on to a popular and legitimate online game, or even as a security tool. Furthermore, once installed, fraudsters have full control of the victims device. This enables them to browse the internet, gain access to personal information, access payment data etc. This information is valuable and can be sold, and also used to commit further fraud”. 

How do you avoid smartphone scams? Cybercrime and online security expert Tero Pollanen recommends protecting your phone the same way in which you protect a computer: “Installing anti-virus or anti-malware software is advisable”

“Before downloading an app, check reviews and ratings as well as developer information. Signs that malware is present on your device include a fast draining battery: the malware can use a lot of energy, so any change in battery performance could be a sign. Finally, it is always best practice to check your bills every so often”. If you do find signs of online fraud, report it at www.actionfraud.org.uk.

Tero Pollanen

Welcome to the Fight Card Fraud Blog

Credit card fraud is a wide-ranging term for theft and fraud committed on a credit card or any similar payment mechanism. The purpose may be to obtain goods without paying, or to obtain unauthorised funds from an account. Credit card fraud is also an adjunct to identity theft. According to the Federal Trade Commission, while identity theft had been holding steady for the last few years, it saw a 21 percent increase in 2008. However, credit card fraud, that crime which most people associate with ID theft, decreased as a percentage of all ID theft complaints for the sixth year in a row.[1]

The cost of card fraud in 2006 were 7 cents per 100 dollars worth of transactions (7 basis points).[2] Due to the high volume of transactions this translates to billions of dollars. In 2006, fraud in the United Kingdom alone was estimated at £535 million,[3] or US$750–830 million at prevailing 2006 exchange rates.[4]

http://en.wikipedia.org/wiki/Credit_card_fraud

On this page I will post interesting news and advice how to fight or recover from credit card fraud