Did you know that cyber
crime is a multi-billion
dollar industry? Probably
not. You probably also didn't
realize that your personal
data is the currency. We've all seen films and TV
shows where millions of
dollars were stolen from
banks by young, attractive
bad boys (who just happen to
also be computer experts). While this may occasionally
happen, real cyber crime at
the consumer level occurs
one credit card at a time, one
phishing scam at a time, one
identity theft at time-and usually by organized
criminals. Cyber crime is a reality. So,
question becomes: how do
we keep our personal data
out of the mix? Hindsight is 20-20 and, as a
result, one of the best ways to
learn what to do in the event
of a security breach is to
learn from the mistakes of
others. Below are two examples of hacks we can
learn from: The Epsilon Security Breach In April, Epsilon, an email
marketing company that is
responsible for sending out
promotional email for large
retailers like Sears and
Target, was severely hacked. Since Epsilon's databases
don't store large quantities of
consumer credit card
information, no real data
was stolen except for
consumer names and email addresses and the retail stores
that those consumers
frequented. Though the Epsilon security
breach didn't allow credit
card or other sensitive
information to be stolen, this
data breach did set up
consumers to become the victim of phishing scams.
The problem is, that after
receiving promotional
emails from trusted
companies like Sears over
many months, loyal customers can be presented
with fake emails from
places far away (Yugoslavia
perhaps) that send them to
equally fake websites-
without ever noticing they've been tricked. These websites, set up to look
just like the real company
websites, are designed to con
consumers into entering
private information -- credit
card information, for instance. When faced with
such deceptive websites,
studies show that 1 in 7
consumers fall for a
phishing attack. A tip that every consumer
should know: never let
yourself be led to a website
from a link within an email.
If you didn't enter the site
address yourself or pick it from your favorite list, just
don't go there. It could be
part of a sophisticated scam. The Sony Data Breach The second instructive and
most visible breach
surrounds Sony and the
various times this
corporation has been hacked
over the past few months. Hackers breached Sony's data
center in late April 2011 and
extracted millions of user
accounts that contained
personal information-
including credit card numbers. In the days
following the attack, there
was a reported auction of
100,000 credit cards, each of
which would be used for
fraud. There are two lessons about
how not to become a victim
that consumers can learn
from this breach. 1. If you have a credit card in a
network that has been
breached, cancel it
immediately. Canceling a
card takes minutes,
recovering from credit card fraud or identity theft might
take weeks. The potential
damage done could affect
your credit score for years. 2. Another way to protect
yourself is to sign-up for a
low limit credit card to use
when making purchases on
the Internet. In this case, if a
breach did occur, at worst you'd be out a few hundred
dollars but your primary
financial world would be
intact. Protecting Your Data Overall, it is important to
think about the information
you put in the hands of
companies. Only a fraction
of the breaches that take
place actually get reported. To make matters worse,
many companies don't
recognize when they have
been breached. Epsilon, for
instance, discovered their
breach by accident several weeks after the event. The
more places you trust your
data, the higher the odds
you'll be one of the millions
of consumers who become a
victim of cyber crime. Alan Wlasuk is the Managing
Partner of 403 Web Security,
a full service secure web
application development
company headquartered in
Indianapolis, Indiana. From web security evaluation to secure web development and
remediation, 403's seasoned
developers have secured web-
based applications against
hackers and security
breaches. To learn more about 403 Web Security or for
a complementary
vulnerability scan of your
website, please visit www.403.WDDinc.com . Article Source: http:// EzineArticles.com/?
expert=Alan_Wlasuk
0 komentar:
Posting Komentar
Mohon tinggalkan komentar untuk kemajuan blog ini: