Category Archives: Agencies

Agencies description goes here

National Security Agency Broke Privacy Rules, Audit Finds

The National Security Agency (NSA) has been spying on Americans. The agency was given broad powers in 2008 and has been accused of overstepping its authority thousands of times. Edward Snowden leaked information that told the world about the agency’s spy programs including the interception of e-mails and data collection of phone calls.

Snowden recently leaked documents to The Washington Post showing that the NSA has repeatedly exceeded its legal powers and broken privacy rules every years since it was granted broad new powers. The internal audit shows violations ranging from unauthorized surveillance of Americans or foreign intelligence targets in the United States to the “unintended interception” of U.S. e-mails and telephone calls.

The documents provided to the Washington Post showed that Congress wasn’t even aware of some of the details that the NSA was pulling from its programs. One document instructed agency personnel to remove details and substitute more generic language in reports that went to the Justice Department and the Office of the Director of National Intelligence.

Another document showcased the “unintended  surveillance” of Americans. The Washington Post reports, “A notable example in 2008 was the interception of a ‘large number’ of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a ‘quality assurance’ review that was not distributed to the NSA’s oversight staff.”

The once-secret Foreign Intelligence Surveillance Court was also kept in the dark about some of the NSA’s spy programs and the information being gathered. The court did not learn of new collections methods until months after it had been in use. When it did find out about the new collection method it ruled it unconstitutional.

The Obama administration has attempted to remain quiet about the NSA.  The first excuse was that Continue reading National Security Agency Broke Privacy Rules, Audit Finds

FBI warns OS X Mac Users about Ransomware Purporting to be from FBI

A new version of ransomware is targeting OS X Mac users can claiming that it is coming from the Federal Bureau of Investigation (FBI). It is not malware and it appears as a webpage that uses JavaScript to load numerous windows. It requires that each frame be closed, but for that to happen a fee is requested thus the name ransomware has stuck.

A similar ransomware scam took place in May of 2012 also using the name of the FBI to lure in victims. The latest inception of ransomware uses “FBI.gov” within the URL in attempt to make the warning appear legitimate.

The scam is complicated. The warning that appears accuses victims of violating various U.S. laws, then locks up the victims computer. It claims that to unlock the computer and avoid legal issues, a fee of $300 needs to be paid via a prepaid Visa card. But the scam doesn’t end there. If a victim realizes that there is a scam taking place and attempts to close the windows, more windows (iframes) pop up with the warning.

The actual FBI website reports the simplest way to remove the ransomware’s iframes is to “click n the Safari menu, choose the “Reset Safari” option, making sure all check boxes are selected.” It also suggests holding down the Shift key while relaunching Safari to prevent reopening windows and tabs from the previous session.

“Ransomware messages are an attempt to extort money. If you have received a ransomware message, do not follow payment instructions. Be sure to file a complaint at www.IC3.gov,” says the FBI’s warning report.

All email and internet users should be warned of ransomware scams although the current version is only targeting OS X Mac users. The FBI encourages anyone who has been a victim of ransomware, e-scams, and phishing to contact the Federal Trade Commission at spam@uce.gov.

 

N.S.A. Discussed on House Floor, Won’t be Stopped

A divided House had its first Congressional showdown over the National Security Agency’s surveillance activities on Wednesday, July 24. The 205-to-2017 vote defeated legislation that would have blocked the N.S.A. from collecting vast amounts of phone records.

The classified intelligence program has never been discussed openly on the House floor. Debates ensued and some unusual coalitions took shape. Conservative Republicans teamed up with liberal Democrats to oppose the practices of the N.S.A. and push for legislation that would rein in the intrusive intelligence programs. On the flip side, the Obama administration, not normally friends of the House Republican leadership, joined with them in order to block the legislation.

Representatives Justin Amash, a liberatarian Republican, and John Conyers Jr., a liberal Democrat, can be held responsible for pitting Democrat against Democrat and Republican against Republican on the House floor by writing the legislation that would have limited the N.S.A.’s access of phone records to specific targets of law enforcement investigations. Not the broad dragnets couched as “metadata” collection currently being practiced by the N.S.A.

Although the legislation pitted normal allies against each other, it did create a bipartisan vote on the House floor. Advocates for the legislation have claimed that this is just the first proposal against the N.S.A.’s practices and that many more will follow. Defenders of the N.S.A.’s practices claim that putting the brakes on the agency will cause the nation to be a risk.

Representative F. James Sensenbrenner Jr. (R-WI), one of the principal authors of the Patriot Act which  has given the N.S.A. its power to collect phone records and other data on American citizens, says that the Patriot Act was never meant to create a program that demands the phone records of every American. “The time has come to stop it,” he said.

An open letter in support of the recently disclosed N.S.A. Programs was circulated to undecided members of the House. It attempted the use of scare tactics to urge lawmakers to allow the program to continue.

It read: “Denying the NSA such access to data will leave the Nation at risk. If the relevance standard of section 215 [Patriot Act] does not permit the government to acquire large data collections where necessary to preserve the data and to be able to conduct focused queries based on reasonable suspicion, our counter terrorism capabilities will be severely constrained.”

There is no telling if the open letter had an effect on the undecided members of the House. As it stands right now, the N.S.A. can continue with its dragnet programs.

What do you think?  How secure do you feel as your data is collected under the guise of “national security?”

Combating Harmful Debt Collection Practices: Debt Collectors Respond

The Consumer Financial Protection Bureau (CFPB) has put debt collection companies on notice against harmful debt collection practices. CFPB has also released new tools to help consumers communicate with debt collectors and resolve collection complaints.

CFPB explains that most collection firms treat consumers fairly, but the ones that don’t “can cause financial harm to consumers and undermine the financial marketplace.” The bureau is in the business of protecting consumers. It warns debt collectors that “any entity that is subject to the Consumer Financial Protection Act of 2010 is legally required to refrain from committing unfair, deceptive, or abusive acts or practices that would violate the Act.”

The “Action Letters” Continue reading Combating Harmful Debt Collection Practices: Debt Collectors Respond

Top tips to help you avoid the dirty dozen tax scams this year

Uncle Sam wants you and so do identity thieves!

With tax season here, it’s easy to feel a little nervous and stressed. While nobody likes to pay taxes, even more, nobody likes to be scammed. With the April 15 filing deadline for taxes almost here, last minute filers are at risk for being scammed.

The Center for Internet Security (CIS) offers tips to keep yourself from being caught in one of the many tax scams out there. With identity theft and phishing scams still ranking among the top security concerns, email scams are still at the top for ways scammers can take advantage of you.

Pay attention to emails that offer subject lines about taxes, filing taxes, tax laws, financial loss, damage to reputation. One popular phishing scam includes a subject line about changes in tax laws and invites the recipient to download a document to explain the changes. Once downloaded, the malware in these documents can damage your computer and steal your personal information.

The IRS releases a list of “Dirty Dozen Tax Scams” each year and includes tips about how to protect yourself from online and  phone scams. One popular scam is criminals who call unsuspecting citizens, impersonating charities and asking for donations.

Here is important information to know to avoid being taken in by scammers this tax season: Continue reading Top tips to help you avoid the dirty dozen tax scams this year

When, where, why and how: Credit fraud alerts

credit freeze Have you ever received a letter in the mail from a store, service or bank that warned you that their security measures had been breached but they are sure that your information remained safe and secure?  Did you take their word for it?  Or maybe you did a cursory search of your credit or debit card statement immediately after receiving it just to make sure there were no unnecessary chargers.   Checking for charges is good, but setting up a credit fraud alert may be even better, if not safer.

What is a credit fraud alert?  A credit fraud alert can be set initially for 90 days.  By providing a telephone number, during that time whenever someone tries to open a new account in your name or extend the credit limit to existing accounts you will be contacted.   Don’t worry though, because you can put a code on the account which will lift the alert for legitimate requests that you, a business or a bank is making on your behalf.    Extended alerts as well as alerts specifically designed for active duty military.

Extended alerts are recommended in the event that you have been a victim of identity theft or fraud.  Those may last up to 7 years.  You may also request an additional free credit report when placing an alert on your credit, with access to one free for the 90 alerts and two free available to you for the extended alerts.

Although they are crafted to last for 90 days to 7 years, you can modify or lift your alert prior to the scheduled end date.

Once your receive your credit reports be sure to look for:

  • accounts you did not apply for or open 
  • information about current accounts that is incorrect (such as change of address or balance)
  • unexplained outstanding balances, and;
  • incorrect factual information such as your Social Security Number, names, address or employer.

You can place a credit fraud alert on your credit report by Continue reading When, where, why and how: Credit fraud alerts

Is Your Status Drawing Homeland Security’s Attention? Keywords Revealed

Have you ever wondered which words posted on social networks can draw the attention of Homeland Security and federal analysts? Now, because of the Freedom of Information Act, the list of keywords has now been posted for public view. Many of the keywords are actually pretty self explanatory, although there are a few that are relatively innocent. So the next time you post about an earthquake, are you going to have federal agents knocking down your door?

Actually that’s pretty unlikely. Although these words can trigger an additional look at your profile by investigators, they say they’re really only looking for threats, not general discontent. Unless you make a habit of posting inflammatory tweets and status updates that either suggest the government needs to be punished or seem to be using code words to cover your true intent, the analysts will probably just rubber-stamp you as investigated and nothing more will happen.

What are the disadvantages of social media monitoring? Continue reading Is Your Status Drawing Homeland Security’s Attention? Keywords Revealed

Fear of the FBI hopes to make you respond to this identity theft email

As one of the not so lucky people affected by the Yahoo security break, my email in box and spam box get a lot more work than they used to and some of the plots, plans and scams make me laugh.  Other’s could cause a reader to rapidly respond out of fear.  One thing they all have in common, they are lying to me to get information.  Here is the most recent one you should know about and how you can know this email is fake when and if you get one.

————————-Email stated below

RE:  Federal Bureau of Investigation (FBI) !!! !!! !!! (I am pretty sure that 1) the FBI would not email me and 2) that they would know that it is bad manners and bad writing to use all 9 of those exclamation points.)

Federal Bureau of Investigation
Intelligence Field Unit
J. Edgar Hoover Building
935 Pennsylvania Avenue, NW Washington, D.C.
(Pretty convincing – I give them credit for looking it up)
URGENT ATTENTION: BENEFICIARY
I AM SPECIAL AGENT _____________ (I’ve deleted just in case this Agent truly does exist)  FROM THE FEDERAL BUREAU OF INVESTIGATION (FBI) INTELLIGENCE UNIT, WE HAVE JUST INTERCEPTED AND CONFISCATED TWO (2) TRUNK BOXES AT JFK AIRPORT IN NEW YORK, AND ARE ON THE VERGE OF MOVING IT TO OUR BUREAU HEADQUARTER.
 WE HAVE SCANNED THE SAID BOXES, AND HAVE FOUND IT TO CONTAIN A TOTAL SUM OF $4.1 MILLION AND ALSO BACKUP DOCUMENT WHICH BEARS YOUR NAME AS THE RECEIVER OF THE MONEY CONTAINED IN THE BOXES, INVESTIGATIONS CARRIED OUT ON THE DIPLOMAT WHICH ACCOMPANIED THE BOXES INTO THE UNITED STATES HAS IT THAT HE WAS TO DELIVER THIS FUNDS TO YOUR RESIDENCE AS PAYMENT WHICH WAS DUE YOU FROM THE OFFICE OF FEDERAL GOVERNMENT OF NIGERIA FROM UNPAID CONTRACT SUMS.
WE CROSS-CHECKED ALL LEGAL DOCUMENTATION IN THE BOXES, AND WERE ABOUT TO RELEASE THE CONSIGNMENT TO THE DIPLOMAT,WHEN WE FOUND OUT THAT THE BOXES IS LACKING ONE VERY IMPORTANT DOCUMENTATION WHICH AS A RESULT, THE BOXES HAS BEEN CONFISCATED.
 ACCORDING TO SECTION 229 SUBSECTION 31 OF THE 1991 CONSTITUTION IN TAX PAYMENT, YOUR CONSIGNMENT LACKS PROOF OF OWNERSHIP CERTIFICATE FROM THE JOINT TEAM OF THE IRS AND HOMELAND SECURITY, AND THERE FOR, YOU MUST CONTACT US FOR DIRECTION ON HOW TO PROCURE THIS CERTIFICATE, SO THAT YOU CAN BE RELIEVED OF THE CHARGES OF EVADING TAX WHICH IS A PUNISHABLE OFFENSE UNDER SECTION 12 SUBSECTION 441 OF CONSTITUTION ON TAX EVASION. Continue reading Fear of the FBI hopes to make you respond to this identity theft email

Resource for Learning about Security and Cybercrimes

In the last several years, cybercrime has become an increasing problem, especially with its ever evolving nature. The criminals using cyber methods to get what they want are smarter than your average thief, which means that to really protect yourself from this sort of crime, it’s smart to learn as much as you can about how these crimes happen. One great place to start is at Master of Homeland Security list of the Top 100 National Security Resources.

While a list of one hundred different sites is an immense amount of information to explore, there are a few on the list that really stand out, either because they are very informative or just simply an interesting collection of information. Not all of the sites necessarily pertain to cybercrime, but they all are security related.

First on the list is In Homeland Security, a site which provides news and information about both terrorism and homeland defense. The information isn’t just limited to the US either. There are several international news articles.

Then, second on the list is a really interesting blog by the TSA which Continue reading Resource for Learning about Security and Cybercrimes

Did hacktivist group Antisec take a big bite out of Apple?

Hactivist group Antisec strikes again – or did they?  Did they manage to take a bite out of the big “Apple” and do it from and FBI agent’s Dell notebook?  According to the Anonymous-allied hackers, they have and it’s been reported that a list of 12.4 million Apple Unique Device Identifiers (UDID) was gained.   This information also provided user names, device names and types and for some it included names, addresses, cell and home phone numbers.  Sounds like an identity theft nightmare, or it would be if Antisec wasn’t playing “Robin Hood” to the FBI’s Sheriff John, or so the story goes.

Did this hacking really happen?

According to the FBI (Oh no you didn’t!) .  A recent FBI statement denies stating,  “The FBI is aware of published reports alleging that an FBI laptop was compromised and private data regarding Apple UDIDs was exposed. At this time, there is no evidence indicating that an FBI laptop was compromised or that the FBI either sought or obtained this data.”

According to Antisec, Continue reading Did hacktivist group Antisec take a big bite out of Apple?