Online Threats That Will Throw You Off the Security Balance Beam

Thursday, August 09, 2012

Kelly Colgan


By now you’ve all seen the video of American gymnast Aly Raisman’s parents wincing, twisting and turning in their seats as they watched their daughter compete for Team USA in the Olympics gymnastics competition. (If you’ve been off the grid, check it out here.)

We know how they feel, because when we see consumers making big mistakes online, we squirm and shout. We don’t yell “Stick it!” right before the dismount, but we get pretty worked up.

Just as NBC announcer Tim Daggett delivers one of his Daggets to the heart of a teenage gymnast (“That’s gonna be a half-point deduction …”), we’re going to be brutally honest about the performance of consumers.

We can’t sugarcoat it, because there’s more at stake for online users than going for gold or settling for silver.

One blip on the beam or pratfall on the pommel can make a bank-account balance drop faster than an icy judge’s score. And it’ll take more than a Wheaties box to build it back.

So without further ado, and without a pre-recorded national anthem blaring, we at IDentity Theft 911 award the medals for the 2012 (In)Security Games in the event of online threats.

Gold: Oversharing

Yes, that’s right, oversharing wins the gold this year. It’s no longer an annoying habit of those Facebook friends who tell the world when they’re going on vacation, where they live and their child’s full name and birth date. Oversharing has taken on a whole new level of dangerous in 2012. Consider the Twitter account @NeedADebitCard. This account retweets messages from the Interweb where people have willingly exposed their debit card numbers, usually with an image of the card that shows their full name and expiration date, along with a message like, “Yaaaay my credit card came in! <3.” Too much information online opens you up to identity theft and serious credit problems—more than worthy of a gold.

Silver: Phishing Websites

The Anti-Phishing Working Group recently reported that the number of phishing websites reached an all-time high this year, with the U.S. hosting the most fraudulent. Almost 57,000 sites were detected in February, beating last year’s previous high. These sites imitate legitimate businesses such as big banks and popular websites such as PayPal, eBay and others. They aim to trick users into submitting personal information that crooks then use to rip them off. Keep an eye on phishing websites at the 2016 games. At this rate they’ll surely be vying for the top step on the podium.

Bronze: Tax Identity Theft

Much like phishing websites, tax identity theft is skyrocketing, breaking all previous Insecurity Olympic records. In 2011 more than 640,000 taxpayers went through some kind of tax-related identity theft. That smashed the previous 2010 record of 270,000 by more than double. These crimes range from crooks submitting victims’ personal information to claim tax returns all the way to inside jobs at the IRS. Now we find that the IRS has delivered more than $5 billion in tax refund checks to identity thieves who filed fraudulent tax returns in 2011. To make matters worse, the perpetrators often pose as legitimate tax preparers or tax preparation websites.

Consumers can protect themselves from these online threats following our tips to guard their personal information.

Stay tuned next week for our continued coverage of the 2012 Olympics (In)Security Games.

Ondrej Krehel, Chief Information Security Officer, IDentity Theft 911 Ondrej has more than a decade of network and computer security experience. His expertise extends to investigations of intellectual property theft, massive deletions, defragmentation, anti-money laundering and computer hacking. He led U.S. computer security projects at Stroz Friedberg and worked in IT security at Loews Corp.

Possibly Related Articles:
Phishing Identity Theft Social Media internet Threats Information Security online safety Olympics over-sharing
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.