Category Archives: Online Security

Datapalooza , Tax Returns and Identity Theft

Protecting personal information is important. It is extremely important in the online world. Identity theft is a real problem. Thieves who steal information often gather it easily from unsuspecting victims who willingly give out personal information to the wrong person or those who give out the information unwillingly but didn’t have their information protected.

Identity theft might become an even bigger problem with the announcements that were made at the White House’s “Datapalooza” event. “Datapalooza” is an ambitious new agenda that has been outlined by President Obama to combat rising college costs and to make college more affordable for American families.  It was a meeting of policy leaders and innovators exploring how open government data could help the education system in the United States. Part of the plan includes using technology for tools, services, and apps to help students evaluate and select colleges.

Apps will be used to help students access information about colleges including statistical data, program data, and form data (i.e. FAFSA).  Third party apps are also being considered for integration into the U.S. Department of Education’s financial aid toolkits. These applications should be viewed skeptically by students.  If the apps do not have the proper protections and encryptions against hack attacks then hackers might have “datapalooza” with student’s personal information.  Identity theft is a real concern with the potential data that would need to be stored online to use the governments’ apps.

The White House announced at “Datapalooza” that Americans will now be able to download their tax returns directly from the IRS’ new service Get Transcript.  Tax information is not easily accessible and for good reason. Tax papers have very personal information on them including names, birthdates, social security numbers, and wage information.  To obtain tax information before one would have to fill out a questionnaire, send it back and wait 5-10 business days for physical forms to arrive. Get Transcript makes it much easier for people to download their tax information instead of waiting to get the physical forms. But it also means that much more personal information is at risk of being stolen.

Snapchat Suffers Major Security Breach Plans to Make App More Secure

Snapchat suffered a major security breach on New Year’s Eve when a reported 4 million usernames and passwords were collected by hackers.  Snapchat had been warned twice by security experts about a vulnerability in its system, according to Yahoo News.

Snapchat is a private company that has marketed itself on being a more secure alternative that Facebook and Instagram. It lets users send photo and video messages that disappear once viewed.  According to the New York Times, users of the self-destruct message service were sending 350 million photos a day in September –increased from 200 million in June.

Related content:  Are Instagram and Snapchat safe for Kids?

Security researchers were not convinced that the app actually deleted information.  The hackers who stole the usernames and passwords from Snapchat were actually security researchers with Gibson security who were able to hack into Snapchat’s servers and find the data that had been stored in a database similar to other big internet companies.

The security researchers posted the hacked information onto a website called SnapchatDB.info after privately warning Snapchat about the weakness in its system.  The researchers then posted a warning about the security hole online on Christmas Eve after the notice was ignored. Snapchat did patch the hole in the system but it didn’t do enough.  The data was not encrypted nor were there any basic security measures in place to prevent hacking.

The usernames and passwords put online in the data dump on New Year’s Eve had the last two digits of phone numbers removed. Snapchatdb.info has since been suspended for the data dump, but not before word spread of the breach.

The breach severely tarnishes Snapchat’s reputation and image. It could threaten the company’s rapid growth.

Gibson Security says users can delete their Snapchat accounts and ask their phone company to change their phone number in order to protect their information. Although, they warn that deleting the account won’t remove information from the leaked database information.

“Ensure that your security settings are up to scratch on your social media profiles. Be careful about what data you give away to sites when you sign up –if you don’t think a service requires your phone number, don’t give it to them,” Gibson told the Associated Press.

Snapchat is trying to reassure users’ that is has adopted security measures that would prevent spam and abuse. They also claim they are working to prevent “future attempts to abuse our service.”

National Security Agency Broke Privacy Rules, Audit Finds

The National Security Agency (NSA) has been spying on Americans. The agency was given broad powers in 2008 and has been accused of overstepping its authority thousands of times. Edward Snowden leaked information that told the world about the agency’s spy programs including the interception of e-mails and data collection of phone calls.

Snowden recently leaked documents to The Washington Post showing that the NSA has repeatedly exceeded its legal powers and broken privacy rules every years since it was granted broad new powers. The internal audit shows violations ranging from unauthorized surveillance of Americans or foreign intelligence targets in the United States to the “unintended interception” of U.S. e-mails and telephone calls.

The documents provided to the Washington Post showed that Congress wasn’t even aware of some of the details that the NSA was pulling from its programs. One document instructed agency personnel to remove details and substitute more generic language in reports that went to the Justice Department and the Office of the Director of National Intelligence.

Another document showcased the “unintended  surveillance” of Americans. The Washington Post reports, “A notable example in 2008 was the interception of a ‘large number’ of calls placed from Washington when a programming error confused the U.S. area code 202 for 20, the international dialing code for Egypt, according to a ‘quality assurance’ review that was not distributed to the NSA’s oversight staff.”

The once-secret Foreign Intelligence Surveillance Court was also kept in the dark about some of the NSA’s spy programs and the information being gathered. The court did not learn of new collections methods until months after it had been in use. When it did find out about the new collection method it ruled it unconstitutional.

The Obama administration has attempted to remain quiet about the NSA.  The first excuse was that Continue reading National Security Agency Broke Privacy Rules, Audit Finds

Bradley Manning Acquitted of Aiding the Enemy

Bradley Manning was found not guilty of “aiding the enemy” by a military judge on Tuesday, July 29. Private Manning became notable for his release of hundreds of thousands of military and diplomatic documents. Manning released the documents to WikiLeaks for publication in 2009 and 2010.

Manning was arrested in May 2010. He was charged with 1 count of aiding the enemy, 9 counts of failure to obey a lawful order or regulation, and 24 counts of violating the General article of the Uniform Code of Military Justice. The last 24 charges included violations of the Espionage Act, Computer Fraud and Abuse Act, and Embezzlement and Theft of Public Money, Property or Records.

The total number of counts that Manning was charged with was 34. If he had been found guilty of “aiding the enemy” he could have potentially faced the death penalty.

While the court-martial judge, Col. Denise R. Lind,  ruled that Continue reading Bradley Manning Acquitted of Aiding the Enemy

Cyberattacks at Universities are on the Rise

Cyberattacks are becoming a common problem on college campuses. America’s research universities are often the targets. These universities are at the hub of information exchanges through out the world. Most of the attacks are thought to come from China. NY Times is reporting that millions of hacking attempts happen weekly.

The campuses targeted are being forced to tighten security which is preventing them from their normal open exchange of information and causing them to take time to find out what information was stolen. Officials have stated that some of the hacking attempts have succeeded and those that have succeeded are often not known about until well after the breach occurred. The universities are remaining silent on the specific nature of the breaches except for those that have involved the theft of personal data. Personal data includes social security numbers, email addresses, home addresses, phone numbers, etc.

Related content:  Going Back to School: Don’t get Scammed

Rodney J. Petersen, head of the cybersecurity program at Educause, a nonprofit alliance of school and tech companies, told NY Times, “The attacks are increasing exponentially, and so is the sophistication, and I think it’s outpaced our ability to respond. So everyone’s investing a lot more resources in detecting this, so we learn of even more incidents we wouldn’t have know about before.”

The problem that the universities are facing with cyber attacks is that it puts the research work at critical risk. Patents for prescription drugs, computer chips, fuel cells, medical devices and many other products and services that could be stolen for commercial, political or national security value.

The numbers of cyberattacks are doubling every few years putting universities on edge trying to figure out the source of the attacks and what has been stolen. The schools are also on edge because it appears that every time they fix a breach, a new hack occurs with more sophisticated technology.

Related content: 7 Tips to Protect College Students from Identity Theft

Bill Mellon, associate dean for research policy at University of Wisconsin, said of the increased cyberattacks, “We get 90,000 to 100,000 attempts per day, from China alone, to penetrate our system. There are also a lot from Russia, and recently a lot from Vietnam, but it’s primarily China.”

The schools that have noticed the most attempts coming from China have not figured out whether the hackers are private or governmental.

EFF Files New Lawsuit Against NSA

The Electronic Frontier Foundation (EFF) has filed a lawsuit on behalf of First Unitarian Church and multiple other organizations against the National Security Agency (NSA) opposing the illegal mass surveillance programs of the NSA. EFF represents will be representing the coalition of American organizations including political associations, churches, and regular people.

First Unitarian Church of Los Angeles v. NSA is a lawsuit that will address whether the NSA violated the First Amendment right of association by illegally collecting call records. EFF has had years of experience fighting illegal government surveillance in court, but this will be a pivotal case for the Electronic Frontier Foundation.

“The First Amendment protects the freedom to associate and express political views as a group, but the NSA’s mass, untargeted collection of Americans’ phone records violates that right by giving the government a dramatically detailed picture into our associational ties,” said EFF Legal Director Cindy Cohn. “Who we call, how often we call them, and how long we speak shows the government what groups we belong to or associate with, which political issues concern us, and our religious affiliation. Exposing this information –especially in a massive, untargeted way over a long period of time– violates the Constitution and the basic First Amendment tests that have been in place for over 50 years.”

The bulk telephone records collection program was Continue reading EFF Files New Lawsuit Against NSA

The Fifth Estate Reveals Quest to Expose Deceptions and Corruptions of Power

the fifth estateBeing a watchdog and exposing the privileged and powerful was the idea behind WikiLeaks. The website which allowed whistle blowers to anonymously leak covert data shined a light on government secrets and corporate crimes. DreamWorks Pictures’ The Fifth Estate is a dramatic thriller based upon WikiLeaks’ founder Julian Assange and his colleague Daniel Domscheit-Berg’s quest to become underground watchdogs of the privileged and powerful.

The Fifth Estate highlights one of the most fiercely debated organizations –WikiLeaks– and focuses on the story of Assange and Berg gaining access to the biggest trove of confidential intelligence documents in U.S. history. The Fifth Estate asks “what are the costs of keeping secrets in a free society –and what are the costs of exposing them?”

The WikiLeaks platform rocked the media and journalism community. It began reporting and breaking more hard news than the world’s most legendary media organizations combined. The website exposed over 76,000 documents about the war in Afghanistan, a set of almost 400,000 documents called the “Iraq War Logs,” mapped over 109,000 deaths in significant attacks by insurgents in Iraq, and published files related to the prisoners detained at the Guantanamo Bay detention camp. And that was just the start.

The film “The Fifth Estate” presented by DreamWorks Pictures and Reliance Entertainment is based on Continue reading The Fifth Estate Reveals Quest to Expose Deceptions and Corruptions of Power

Photo-Sharing Programs are Latest Portals for Scam Artists

According to the latest FBI reports, cyber criminals have been using photo-sharing programs more often to reach into our pockets without permission. Of course the process is not quite so straightforward, but the end result is always the same. One of the most common methods involves utilizing vehicle advertisements to lure in trusting potential buyers. It is a new twist on an old plot to be sure, but it seemingly is still effective with a number of people.

To get the information they need, they use Continue reading Photo-Sharing Programs are Latest Portals for Scam Artists

Gambling With Your Identity

I see it all the time.

Some person will be just crazy about how they handle their personal information.

I see this because I have been aware of computer crime and mail fraud since I became a victim of it myself in 1999.

Unfortunately, I had gotten a friend involved in what I thought was a really great deal.

It turned out to be a complete scam, and not only did it cost each of us $600, just as we were entering our sophomore year of college, but it also cost me the trust of a friend, and was the start of the loss of that friendship.

That was one of the most expensive lessons I have ever learned in my life.

I still will pay back this friend, with interest, though this event is more than 14 years ago now.

Gambling with your identity is much different than playing in a casino.

In a casino, you’re intentionally walking into a Gaming Club of some kind.

When you know you’re walking into a fantasy world, either through online gaming and gambling or in a real casino, you still know that you’re there to lose some money.

In real life, you may never know you’re walking into a trap.

When you buy that fake computer from a fake guy who is offering you a deal that’s just too good to be true, chances are very good that the deal really is too good to be true.

But unless you improve your skills and knowledge, and approach transactions with a healthy dose of skepticism, you will never see the trap, until it’s too late.

 

Like we’ve been recommending for years on this site, you should probably walk away from a situation where you know something just doesn’t feel right.

If it’s too good to be true, it probably is.

If you get involved with someone who’s trying to scam you, it can end up being like you’re gambling with your identity.

If you lose your identity due to carelessness, it’s a tough and expensive lesson.

There’s really not much more to say today than this simple reminder to be alert, be aware, and get educated.

Make sure to protect your information and your identity, and have a plan in place before identity theft takes place.

 

Five Reasons Instagram Might Be A Bad Idea for Your Teen

teens and instagramInstagram is one of the hottest social media apps on the market and they are growing quickly. In the past year alone they have doubled their subscription base and that does not appear to be slowing down. Because the app is used primarily on phones and tablets, it has been particularly popular with the younger crowd for sharing pictures with friends. The problem with Instagram is that it is not meant for kids younger than 13 per their terms of service. Despite this, kids sign up all the time with little to stand in their way. Here are five good reasons why you might want to stop your kid from using Instagram at such a young age:

Instagram is public

Like any other social media site, anyone can see your kid’s pictures if they don’t set the account to private. If the kid posts a picture at the park with friends and the account is set to public, anyone can know where your kid is, what they look like and who they are with. The danger is obvious.

Instagram can be brutal

We have all heard the stories of how social media can hurt a kid. Instagram allows Continue reading Five Reasons Instagram Might Be A Bad Idea for Your Teen