2010 Census to begin proceed with caution
By karen | January 31, 2010
With the U.S. Census process beginning, the Better Business Bureau (BBB) has advice so people can avoid becoming a victim of fraud or identity theft. U.S. Census workers have begun verifying the addresses of every household across the country. Eventually, more than 140,000 U.S. Census workers will count every person in the U.S. and will gather information about every person living at each address.
How to tell the difference between a U.S. Census worker and a con artist:
If a U.S. Census worker knocks on your door, they will have a badge, a handheld device, a Census Bureau canvas bag, and a confidentiality notice. Ask to see their identification and their badge before answering their questions. However, you should never invite anyone you don’t know into your home.
REMEMBER, NO MATTER WHAT THEY ASK, YOU REALLY ONLY NEED TO TELL THEM HOW MANY PEOPLE LIVE AT YOUR ADDRESS.
DO NOT give your Social Security number, credit card, or banking information to anyone, even if they claim they need it for the U.S. Census. The Census Bureau will not ask for Social Security, bank account, or credit card numbers, nor will employees solicit donations. Any one asking for that information is NOT with the Census Bureau.
While the Census Bureau might ask for basic financial information, such as a salary range, YOU DON’T HAVE TO ANSWER ANYTHING AT ALL ABOUT YOUR FINANCIAL SITUATION.
AND REMEMBER, THE CENSUS BUREAU HAS DECIDED NOT TO WORK WITH ACORN ON GATHERING THIS INFORMATION.. No Acorn worker should approach you saying he/she is with the Census Bureau.
Eventually, Census workers may contact you by telephone, mail, or in person at home. However, the Census Bureau WILL NOT contact you by Email, so be on the lookout for Email scams impersonating the Census.
NEVER click on a link or open any attachments in an Email that are supposedly from the U.S. Census Bureau.
For more advice on avoiding identity theft and fraud, visit www.bbb.org; PLEASE SHARE THIS INFO WITH FAMILY AND FRIENDS.
Topics: Announcements, blog home, karen lodrick's blog | No Comments »
Chinese government penetrates American and other cyber networks
By karen | January 26, 2010
It is now a known fact China is aggressively developing cyberwarfare.
Latest Report shows, China is conducting the most sophisticated cyberspying.
One example, in April of ‘09 there were attacks into a U.S. defense contractor’s network that resulted in stolen data about the design of the F-35 “Lightning II” fighter system and its electronics systems.
Keystroke logs of intrusions leave little doubt that the Chinese government is behind the attacks. In some cases the intruders went to the same intrusion sites a hundred times a day. What is known is there have been 5,488 breaches of U.S. government computers, and 54,640 incidents of malicious cyber activity against the Department of Defense.
The U.S. government and private industry seem to be in a reactive role, detecting intrusions and information losses only after the fact.
China’s growing cyberwarfare capabilities aren’t solely directed at the U.S. Leaders in Britain and Germany have voiced concerns, too.
The lack of cooperation between the US government and the private sector make efforts to coordinate standards and policies almost impossible. The Department of Homeland Security and the National Security Agency are still arguing about which one should have priority.
The Pentagon has made more progress by creating a unified “United States Cyber Command” that will be fully operational by October 2010. Under this plan the National Security Agency (NSA) will function as the headquarters of the U.S. Cyber Command, with each of the military services putting together their own subordinate cyber commands.
According to Melissa Hathaway former director for US cyber security, we need international alliances on cyber security, better sharing of threat information with the private sector by government, and more open private-sector cooperation. More cooperation would provide a common picture of the threat and support a coordinated response.
In China there appears to be a centralized, coordinated and successful effort to penetrate American and other cyber networks. The U.S. and its allies, by contrast, so far seem to lack a concentrated, well-led cyber defense.
READ original story in the Wall Street Journal.
Topics: Announcements, blog home | No Comments »
Obama’s cybersecurity coordinator “czar” Howard Schmidt
By karen | January 26, 2010
Howard A. Schmidt, who was a cyber-adviser in the Bush’s years, will be Obama’s new cybersecurity coordinator.
Before he joined the Bush White House, he worked as chief security officer at Microsoft. He then became vice president and chief information security officer at eBay. He served in the Air Force from 1967 to 1983 in various roles, both active-duty and civilian, and headed the computer exploitation team at the FBI’s National Drug Intelligence Center in the 1990s.
He is now president of the Information Security Forum, a nonprofit consortium of corporations and public-sector organizations working to resolve cybercrime and cybersecurity issues.
“He has many of the qualities and connections that one would think would be good for the position,” said a colleague who spoke on the condition of anonymity in order to be candid. “He is a team player. I don’t have high expectations for that position as it is currently defined, so he’s very possibly overqualified for it.”
READ the full version of this story at the Washington Post.
Topics: Announcements, blog home | No Comments »
Sabotaging The System (60 Minutes episode - Sunday November 8, 2009)
By karen | November 15, 2009
Topics: Messages From Others, blog home, karen lodrick's blog | No Comments »
Where is Maria Nelson aka identity thief?
By karen | September 15, 2009
A visitor to Karen Lodrick website has submitted the following information:
Name: Reginald Smith
Address:
Phone:
Email:
Specific Request:
Comments:
I just thought you might like to know if you aren’t already aware that Maria Nelson is currently serving prison time at Valley State Prison For Women in Chowchilla and when she paroles she has a hold that will take her to the Federal Courts where she is facing a lot of time. I met during a visit to the prison when I was visiting my sister. Â She continues to be very bitter and it is aimed at you. Very strange.
Topics: Messages From Others, blog home, karen lodrick's blog | No Comments »
Steps to protect your business against cybercrime
By karen | August 23, 2009
It is estimated business losses from cybercrime are as high as $1 trillion a year worldwide.
Fail-safe protection doesn’t exist. Even the Pentagon, with a brigade of the best computer specialists, gets hit repeatedly.
Crooks will go where the taking is easiest, just as car thieves will grab a radio from an unlocked car before going through the trouble of breaking into a locked car.
Many small businesses have no protection. One in five do not even have antivirus software, and more than half don’t use encryption for wireless links. Two in three have no formal security policy, essentially banking on good luck that they won’t be victimized.
Computer safety doesn’t have to cost you a fortune. Some basic steps to take:
- Install security software that includes antivirus, anti-phishing, anti-spyware and network wide anti-intrusion features and with automatic updating. The subscription cost is not much, about $100 a year. Check out Kaspersky Lab
- Set up a firewall to protect all confidential information. Use multiple walls to guard your most sensitive data or keep it on a separate server or on paper. Use so-called smart passwords with numbers, letters and symbols, and change them periodically. See my article on creating passwords.
- Be sure to block access to your network to ex-employees. Beware of disgruntled workers who may be out to get you through computer stealth. Give employees in different departments and positions access only to parts of the network they need.
- Also, examine anyone who buys advertising on your Web site. This, too, can be a source of malicious software. A personal phone call can trip up those who buy ads and use them to lure your customers to phony sites.
- Train employees in safe computer practices. It’s the most important best practice and often overlooked by companies. Let them know that visiting nonwork-related sites puts the firm at risk. 80% of malware is downloaded unknowingly at adult pornography sites.
- Opening attachments from unknown sources can render a firewall useless. Laptops carried out of the office or left at a business conference are prime targets for theft.
- Also, consider contracting with a certified hacker or white hat to test your system regularly and to offer guidance to your in-house computer staff.
Topics: Helpful Resources, blog home, karen lodrick's blog | 1 Comment »
Largest case of computer crime and identity theft ever prosecuted
By karen | August 17, 2009
The three culprits, one American and two unnamed Russians, are responsible for stealing more than 130 million credit and debit card numbers in 2007. They infiltrated the computer networks of Heartland, a credit card payment processing center, as well as several national retailers and supermarket chains.
A portion of the credit card numbers were then sold online and some of the numbers were used to make unauthorized purchases and withdrawals from banks.
The primary culprit, Albert Gonzalez, 28, of Miami, has a long history in white collar crimes.
Mr. Gonzalez was arrested in May last year in conjunction with another high-profile data theft at the Dave & Buster’s restaurant chain. He has also been indicted in other thefts of credit and debt cards, including the much publicized 2005 data breach of TJ Maxx stores.
The irony Mr. Gonzalez once worked with federal investigators. In 2003, after being arrested in New Jersey on hacking charges, he worked to help the U.S. Secret Service identify an online underworld where stolen credit and debit card numbers are bought and sold.
How did they do it?
They went through the list of Fortune 500 companies and decided which corporations they would target. Then, they visited their stores to monitor which payment systems were being used. Their online attacks took advantage of flaws in the SQL programming language, which is commonly used for databases.
The defendants placed malware “sniffer” programs onto the corporate networks, which intercepted credit card transactions in real time and transmitted the numbers to computers they had leased in the United States, the Netherlands and the Ukraine.
The conspirators attempted to erase all digital footprints left by their attacks but failed.
Will they get 35 years in prison?
It seems each defendant faces the possibility of 35 years in prison and more than $1 million in fines, or twice the amount they made from the crime, whichever is greater. But we shall see what the actually sentence truly ends up being. Unfortunately, white collar crimes still don’t get much in the way of punishment and so they continue to be the fastest growing.
It seems Mr. Gonzalez lived a lavish lifestyle in Miami, once spending $75,000 on a birthday party for himself and complaining to friends that he had to manually count thousands of $20 bills when his counting machine broke.
What should the banks and businesses do
Heartland, one of the world’s largest credit and debit card payment processing companies, had announced in January that its network had been breached but declined to provide many details which is common practice and perfectly legal. These laws need to be changed because it creates many security violations to consumers.
This case is just more evidence that retailers and banks need to strengthen their industry standards and encrypt credit card numbers when they are transmitted between computers. Currently, major banks only agree to encrypt such data when it is stored.
Topics: blog home, karen lodrick's blog | No Comments »
Avoid phishing scams
By karen | August 9, 2009
Phishing has been around a while now and I’m sure almost all of us have heard the term.
Phishing is email scams that try to get you to divulge your personal information; such as usernames, passwords, credit card numbers, social security numbers, date of birth, etc to steal your money or identity.
They are getting more sophisticated by sending scam emails that look like they are from your bank, a government agency, or another well-known/reputable company. So it’s good to know what you can do to avoid falling prey.
Be suspicious of any email with urgent requests for personal information
Don’t use suspicious links in an email, instant message, or chat
Avoid filling out forms in email messages that ask for personal information
Always ensure that you’re using a secure website when submitting credit card or other sensitive information. Get in the habit of looking at the address/URL.
Consider installing a Web browser tool bar to help protect you from known fraudulent websites. These toolbars match where you are going with lists of known phisher Web sites and will alert you.
- Internet Explorer version 7
- FireFox version 2
- EarthLink ScamBlocker – download at http://www.earthlink.net/earthlinktoolbar
Ensure that your browser is up to date and security patches applied
Have ANTI-SPYWARE on your computer, keep it updated.
Help by reporting “phishing” e-mails, forward the emails to:
1. reportphishing@antiphishing.org
2. The Federal Trade Commission at spam@uce.gov
3. The company that is being spoofed
4. The Internet Crime Complaint Center of the FBI by filing a complaint: www.ic3.gov/
Topics: Helpful Resources, blog home, karen lodrick's blog | No Comments »
Child pornography cybercrime needs to be stopped
By karen | July 31, 2009
Warning: The material on this page is graphic and not intended for children.
I watched an upsetting Oprah show today. And even though, it was almost impossible to watch I feel, it is important to bring awareness to this horrific cybercrime activity.
It’s estimated that more than 5 million pornographic pictures and videos of children are circulated on the Internet every day.
Topics: blog home, karen lodrick's blog | No Comments »
12 things you can do to keep your child safer online
By karen | July 31, 2009
A quick checklist to get you started on the road to Internet safety.
1. Buy all the safety software you need and use good filtering tools.
Keep them current and use them unfailingly—as automatically as locking your door when you leave the house.
2. Discuss online safety with your family and friends.
Decide together how you will help protect each other online and set rules that reflect your personal and family values. Decide what activities are okay and what information it’s fine to give out and to whom.
3. Be selective about who you interact with online and what information you make public.
The risks are relatively low when you stick with people you know—your family and friends. Going into public chat rooms or opening your blog up to the general public, for example, significantly increases your risk. Think before you post online information that can personally identify you, a family member, or friend in public place. (That means in a public blog, in online white pages, on job hunt sites, or in any other place anyone on the Internet can see.) Sensitive information includes birth date, gender, town, e-mail address, school name—even photos. This information can be used to help someone find you or steal your identity.
4. Pay attention to the risks of e-mail.
Think twice before you open attachments or click links in e-mail—even if you know the sender—as these can be used to transmit spam and viruses to your computer. Never respond to e-mail asking you to provide personal information, especially your account number or password, even if it seems to be from a business you trust. Reputable businesses will not ask you for this information in e-mail.
5. Put your family computer and Internet-connected game consoles in a central location.
A family room or kitchen makes a good place where you can watch over your children’s online activity.
6. Never, ever meet in person someone you’ve met online without taking somebody else along.
Remember, people are not always who they say they are.
7. Review the features on your children’s cell phones.
Can they download images from the Internet, use instant messaging, or access services that allow others to pinpoint their location? All of these features could be a cause for concern, depending on your child’s maturity and situation.
8. Find out how and where to report abuse.
Create an environment that encourages your kids to report abuse to you. Acting as a responsible Internet citizen can help stop the illegal activity, harassment, and predatory behavior of online criminals.
9. Don’t trade personal information for “freebies.”
(Good advice for kids, too.) Just as in the physical world, if it sounds too good to be true, it probably is. Unwanted software like spyware and viruses often piggybacks on software that’s “free.”
10. Check out the safeguards on computers your child uses outside the home…
At his or her school, the public library, and the homes of your child’s friends.
11. Choose a safe online name.
Use e-mail addresses, IM names, chat nicknames, and other such names that don’t give away too much personal information. Pick a name that doesn’t help identify you (your age, for example) or locate you. Avoid flirtatious or provocative names that may cause unwanted attention.
12. Sit down with your child regularly to review Internet contacts and activity…
Buddies, blogs, browser history, image files, music downloads, and so on. Let them know you’ll do this periodically. Explain that this is not to violate their privacy, but to protect them and the family from risks.
Visit Oprah.com to Help Pass The Adam Walsh Act
Topics: Helpful Resources, blog home, karen lodrick's blog | 2 Comments »
« Previous Entries