Identity Theft Hits Home

 

DataBreach
Image courtesy of www.invincea.com

In lieu of several recent incidents of identity theft affecting various members of The School of Law and The University of South Carolina’s community as a whole, we felt it extremely important to remind you to take every precaution to protect your identity and that of your family’s.

The protection offered to South Carolinians after the huge data breach during 2013 and 2014 expired at the end of 2014 contract period. It was then up to each individual to renew their identity protection either through the existing company, Lifelink, at a cost, or change to CSID, for continued free protection for up to one additional year.

The data hacking in South Carolina affected an estimated 3.6 million social security numbers, 3.3 million bank account numbers, 387,000 credit card records, and information for nearly 700,000 businesses.

The state agreed to pay up to $12 million to enroll those who had filed state tax returns in a credit-monitoring service provided by Experian, called ProtectMyID. The deadline for enrolling in this was January 31, 2013.

Once the year of free protection ended, the state gave the option of continuing with Experian for a fee or switching to CSID for an additional free year. There is currently no news as to wheather the state will pay for and extention for another year.

Many people never renewed under either plan. Unfortunately, the theives were waiting for us to become comfortable and to believe that we were past the point of harm. It’s recently become apparent that we are still highly at risk.

If you aren’t currently protected, consider enrolling in the free plan until you can research the companies providing identity protection and pick one more suitable to your needs. Enrollment is still available; however, this free subscription will end October 1, 2016. Go the the following link and register each individual in your household:

https://www.csid.com/scidprotection/

It is also important to contact each of the three Credit Bureaus and place a fraud alert or security freeze on your credit files. The website below list gives you a list along with current contact information:

http://apps.suzeorman.com/igsbase/igstemplate.cfm?SRC=MD012&SRCN=aoedetails&GnavID=84&SnavID=20&TnavID=&AreasofExpertiseID=6

If you have a business that will be affected, you should contact Dun & Bradstreet Credibility Corporation for instructions on what to do using the following information:

Call 1-800-279-9881 to complete the process with a live agent. Hours of Operations: Monday – Friday: 8:00 a.m. -8:00 p.m. EST.

Go to their website at www.DandB.com/SC

The South Carolina Department of Consumer’s Affairs is an excellent place to get information about protecting your identity and where you should begin if you are a victim. Please refer to the following link:

http://www.consumer.sc.gov/consumer/IdentityTheft/Pages/default.aspx

The program, Identity Finder, is available through the Law School’s IT Department for use per request. This program scans your hard drive for any reference to personal identifiers such as social security numbers, driver’s license numbers, bank account information, etc. and will give you the option to shred these documents, or encrypt them. IT will provide documentation and training as needed. The program displays as follows:

Identity Finder

Remember that as long as millions of South Carolinian’s personal information was compromised, we could be affected for years to come. Protect yours and your family’s identity at all cost.

FBI: $2.3 Billion Lost to CEO Email Scams

Thursday, April 7th, 2016

The U.S. Federal Bureau of Investigation (FBI) this week warned about a “dramatic” increase in so-called “CEO fraud,” e-mail scams in which the attacker spoofs a message from the boss and tricks someone at the organization into wiring funds to the fraudsters. The FBI estimates these scams have cost organizations more than $2.3 billion in losses over the past three years.

In an alert posted to its site, the FBI said that since January 2015, the agency has seen a 270 percent increase in identified victims and exposed losses from CEO scams. The alert noted that law enforcement globally has received complaints from victims in every U.S. state, and in at least 79 countries.

pm1
A typical CEO fraud attack. Image: Phishme

Continue reading FBI: $2.3 Billion Lost to CEO Email Scams

Microsoft is putting Windows 10, Cortana at the center of smart homes

smart-home-100647684-primary_idge
A display for the newly formed Open Connectivity Foundation at Mobile World Congress 2016 shows a model smart home, in a file image captured on Feb. 25, 2016. Credit: Stephen Lawson

Windows 10 will be able to support more IoT devices with new standards coming in 2017

By Agam Shah

IDG News Service | Apr 1, 2016

Are you too lazy to open the door or switch on a light? Let Windows 10 and its Cortana voice-activated digital assistant do the job for you.

Microsoft’s vision is to make home automation a breeze in Windows 10, and the company featured several related Internet-of-things announcements at its ongoing Build conference.

Windows 10 will work with a wider range of devices and appliances by integrating new Open Connectivity Foundation (OCF) protocols, scheduled to be released in 2017. Additionally, Cortana will allow users to easily automate tasks using a Windows PC, mobile device, Xbox console or Raspberry Pi 3.

Continue reading Microsoft is putting Windows 10, Cortana at the center of smart homes

Amazon goes after patent so you can pay by selfie

selfie
Credit: Eugenio Marongiu/Shutterstock

Forget passwords, users would shop on Amazon by clicking a selfie or video

By Sharon Gaudin

Computerworld | Mar 16, 2016 12:43 PM PT

Amazon filed a patent application for a technology that would enable users to pay for purchases using a selfie.

The U.S. patent application is for image analysis technology for user authentication.

“The process identifies the user and verifies that the user requesting the transaction is a living human being,” the application states. “The user is identified using image information, which is processed utilizing facial recognition.”

Amazon explains that the user authentication would work by verifying that the image or video is of a live human using one or more “human-verification” processes. The device would then prompt the user to perform a specific action, such as making a specific hand gesture or blinking the left eye, to confirm the transaction.

Continue reading Amazon goes after patent so you can pay by selfie

11 signs you’ve been hacked — and how to fight back

Hacked
Photo courtesy of InfoWorld and StaticWorld

By Roger A. Grimes

Redirected Net searches, unexpected installs, rogue mouse pointers: Here’s what to do when you’ve been 0wned

In today’s threatscape, antivirus software provides little piece of mind. In fact, antimalware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable.

To combat this, many antimalware programs monitor program behaviors, often called heuristics, to catch previously unrecognized malware. Other programs use virtualized environments, system monitoring, network traffic detection, and all of the above at once in order to be more accurate. And still they fail us on a regular basis.

Here are 11 sure signs you’ve been hacked and what to do in the event of compromise. Note that in all cases, the No. 1 recommendation is to completely restore your system to a known good state before proceeding. In the early days, this meant formatting the computer and restoring all programs and data. Today, depending on your operating system, it might simply mean clicking on a Restore button. Either way, a compromised computer can never be fully trusted again. The recovery steps listed in each category below are the recommendations to follow if you don’t want to do a full restore — but again, a full restore is always a better option, risk-wise.

Continue reading 11 signs you’ve been hacked — and how to fight back

Fight, Apple, fight: Don’t let the feds kill our security

apple-data-centers-company-tech-news-100636565-primary_idge

The Deep End  By Paul Venezia

We either have strong encryption and unassailable digital privacy, or we have total madness

InfoWorld | Mar 14, 2016

The last few turns in the Apple/FBI fiasco have been illuminating and highly disturbing — it’s becoming a war. Late last week, the Department of Justice filed a motion against Apple that included this incendiary tidbit: “Apple’s rhetoric is not only false, but also corrosive of the very institutions that are best able to safeguard our liberty and our rights.”

Apple’s public response called out the DOJ on a number of issues, not the least of which was in reference to that charge: “Everyone should beware, because it seems like disagreeing with the Department of Justice means you must be evil and anti-American. Nothing could be further from the truth.”

Continue reading Fight, Apple, fight: Don’t let the feds kill our security

4 reasons not to pay up in a ransomware attack

ransom-ware-100360084-primary_idge
Credit: Shutterstock

Ransomware attacks are on the rise. Here are four good reasons why you shouldn’t pay to get your data back — and one reason why people do

By Fahmida Y. Rashid

InfoWorld | Mar 14, 2016

When a demand for your money or your data pops up on a critical system, you have only a short period of time to decide whether to respond to a ransomware attack.

Online extortion is on the increase, as criminals use a variety of attack vectors, including exploit kits, malicious files, and links in spam messages, to infect systems with ransomware. Once all the files have been encrypted, victims can either try to recover the files on their own or pay the ransom. While there have been some exceptions, victims are seldom able to break the encryption and restore access. More often, successful circumvention of a ransomware attack involves wiping the affected systems and promptly restoring everything from clean backups. Continue reading 4 reasons not to pay up in a ransomware attack

Beware of iOS hiding your email messages

Credit: Kārlis Dambrāns/Flickr and ComputerWorld

Computerworld | Mar 2, 2016

Here’s how the bug makes its presence known. (And, yes, it’s an intermittent bug, which is tech support’s favorite phrase.) Let’s say you just downloaded 50 email messages. As you scan your mobile inbox, you notice four messages that you need to respond to right away. The others are junk that you want to delete now so that you can focus on the critical ones.

You then choose “Edit” and select everything other than the four important messages. You select “Trash” and, poof! Everything disappears. But wait, I specifically did not delete those four crucial messages. What happened?

When this delightful bug first hit me, I thought that I might have accidentally selected the “Delete All” option within the latest iOS email. When it happened again, though, I was ultra-careful and it did the exact same thing.

Continue reading Beware of iOS hiding your email messages

Government hints it may demand iOS source code, signing key

source-code-thinkstock-100573519-primary_idge
Image courtesy of Computerworld

Not-so-subtle threat that if Apple won’t comply with court order, there’s a Plan B … which could be a Lavabit-like ultimatum

By Gregg Keizer

Computerworld | Mar 11, 2016 12:24 PM PT

The government yesterday hinted that it may demand that Apple hand over the iOS source code and the encryption key the Cupertino, Calif. company uses to sign updates if it won’t comply with a court order to help authorities unlock an iPhone.

In a footnote in a Thursday brief, the Department of Justice (DOJ) said it would be happy to have Apple’s source code and digital signing key.

Yesterday’s brief was the latest volley by the DOJ in its efforts to force Apple to help the Federal Bureau of Investigation (FBI) access information stored on an iPhone used by Syed Rizwan Farook. Along with his wife, Tafsheen Malik, Farook killed 14 in San Bernardino, Calif. on Dec. 2, 2015. The two died in a shootout with police later that day.

The government has labeled the attack an act of terrorism. Continue reading Government hints it may demand iOS source code, signing key