Social Media Blog

Sharing Information & Knowledge

By

How to protect yourself from debit-card fraud

A credit card, the biggest beneficiary of the ...

A credit card, the biggest beneficiary of the Marquette Bank decision (Photo credit: Wikipedia)

How’s this for a phone call you don’t want on a Sunday night: Visa’s fraud unit, calling to ask whether you’re aware that $1,371 has been wired from your bank account via Western Union.

Lisa Rokusek was definitely not aware of this transaction, since she hadn’t initiated it.

As it turns out, Rokusek, a US woman from St. Louis, Missouri, should have been wary of that phone call, too, if the caller did in fact claim to be from Visa’s fraud unit, as originally reported in the St. Louis Post-Dispatch.

Read More How to protect (…)

By

Fake Facebook Security Team phishes passwords from users

Facebook logo

Image via Wikipedia

Post from Sophosh by Graham Cluley.

A number of Facebook users have reported to us receiving mysterious messages, seemingly from Facebook’s security team, telling them that their accounts have been suspended.

The spam messages, however, are not legitimate.

In reality they have been sent out by fraudsters posing as Facebook’s real security team, with the intention of phishing credentials from unsuspecting users.

By

How to protect our personal data from hackers

A diagram showing the front side of a typical ...

Image via Wikipedia

Computer hackers have an ability to cause chaos by using personal data that they have stolen. But the theft can be prevented if people are careful with their information.

Personal finance expert Carmen Wong Ulrich shared advice during a talk on ‘The Early Show on Saturday Morning’ on how to protect personal information and what to do when hackers get their hands on it.

“The first line of defense is always your passwords, and the information on your computer,” CBS News quoted Ulrich as telling co-anchor Betty Nguyen.

“Make sure you go right to your computer, change your log-in information and password information on everything from your credit card accounts to where you shop through retailers and your email, as well because, as we saw-Google and Yahoo – the hackers are coming in from everywhere,” she said.

Ulrich, author of ‘The Real Cost of Living’, said almost three-quarters of us use the same password on several accounts.

“Please stop doing that! Protect the banking part as much as you can, because the hackers will come in from the company side. But they’re coming in on your side, too,” she implored.

“Also, use one computer, if you can, to do your banking. I know it’s hard (with everyone using so many different devices). Try to do it all on one computer. That limits exposure.

“And, never, ever do banking or do transactions online on an open Wi-Fi. It’s very tempting because it’s so easy. You could be sitting in a coffee shop or the airport or wherever you are. Squatters will sit there and scour that Wi-Fi. So definitely don’t do that.

“And don’t use your debit card online. This runs counter (to conventional wisdom), because credit cards, people say, are bad. But a credit card protects you and your cash.

“Of course, there’s (a) liability (limit) with your debit card. But who wants their accounts emptied of cash? Instead, use your credit card online, so at least you don’t expose yourself, cash-wise,” she stated.

Source :- http://in.finance.yahoo.com

  • How to protect our personal data from hackers (news.bioscholar.com)
  • Making your personal data hack-resistant (cbsnews.com)
  • Citibank victimized by hackers, insists cardholders are safe (blogoholic.in)
  • Citi to issue new credit cards after data breach (marketwatch.com)
  • Credit Card Processing Fees And Internet Scams (creditcardprocessing.net)
  • Your Trash Could be an Identity Thief’s Treasure (socyberty.com)

By

Citibank victimized by hackers, insists cardholders are safe

NEW YORK - MAY 20: In this photo illustration...

Image by Getty Images via @daylife

Reuters is reporting that Citibank‘s systems were hacked, resulting in a loss of Personally Identifiable Information (PII).

Citibank says that data for 1% of their cardholders was accessed through this breach, but customers‘ Social Security Numbers (SSNs), birth dates, card expiration dates and CVV codes are safe.

Information that may have been disclosed to the hackers includes customers’ names, account numbers, contact details and email addresses.

According to Citibank’s website they are the world’s largest provider of credit cards, issuing more than 150,000,000 cards globally. Based on these numbers, information for 1,500,000 or more individuals may have been compromised.

In April Paul Gaulant, former head of the bank’s credit card unit, told Reuters, “Security breaches happen, they’re going to continue to happen … the mission of the banking industry is to keep the customer base safe and customers feeling secure about their financial transactions and payments.”

That may be true, but feeling secure is not the same as being secure. How this information was acquired and why it wasn’t protected against theft is a far more important question.

Citi has stated they will notify customers believed to be affected by the breach.

Customers affected by this incident should be on high alert for scams, phishing and phone calls purporting to be from Citibank and their subsidiaries.

While Citi customers aren’t likely to have fraudulent charges against their accounts as a result of this breach, they are likely to encounter social engineering attempts to enable further crime.

Considering that the attackers have your name, account number and other sensitive information they are able to provide a very convincing cover story to victims.

Never accept incoming communications purporting be from financial institutions you do business with, whether by email or phone call. Call them back using only the phone numbers published on your cards or statements. When logging in to perform online transactions, always enter their website address directly in your browser. Never click links.

Source :- http://nakedsecurity.sophos.com

  • Citibank Reveals Massive Data Breach (newser.com)
  • Citibank hacked, 1.5 million customers information may be at risk ~ Softview (softview.co.in)
  • Citibank the latest to suffer successful hack (electronista.com)
  • Citi admits hackers stole data on 200,000 card holders (slashgear.com)
  • Bank Of America Settlement In Debit Card Litigation (businessinsider.com)
  • Tips for Protecting Yourself from Identity Theft (savings.com)

By

Sony admits breach larger than originally thought, 24.5 million SOE users also affected

Image representing Sony as depicted in CrunchBase

Image via CrunchBase

Sony disclosed today that the breach affecting its PlayStation Network (PSN) that saw 77 million records lost was larger than they originally thought. Not only were the details of PSN users stolen, but another 24.5 million records related to users of Sony Online Entertainment were stolen as well.

Sony Online Entertainment logoSony Online Entertainment (SOE) is the division of Sony responsible for many of their popular online role-playing games like DC Universe Online and Star Wars: Clone Wars Adventures. As in the PSN breach, the lost information included names, addresses (city, state, zip, country), email addresses, gender, birthdates, phone numbers, login names and hashed passwords.

In news perhaps worse than the disclosure from two weeks ago, Sony is saying that 12,700 credit and debit cards and expiration dates of non-US customers and 10,700 direct debit accounts (bank account numbers) for users in Germany, Austria, Netherlands and Spain may also have been stolen.

SOE email

Unlike the credit cards from PSN, which Sony assured the public were encrypted, no mention was made in Sony’s press release about the information from SOE being protected.

Sony was quick to note that the passwords had been hashed, but has not disclosed which hashing algorithm was used and whether they used a salt when calculating the hashes.

Sony mentioned that the lost credit/debit card information and direct debit banking information was stored in an “outdated database from 2007.”

WHAT??!?! How many locations on your network are housing other “lost” financial data? Do you even know where my information is to check whether it has been stolen?

Whether Sony’s bad practices are an act of hubris or simply gross incompetence is hard to discern. Let’s hope for the sake of Sony’s customers and the poor souls in their public relations department that this is the last disclosure they will need to make related to this incident.

It is important to remember that Sony is a victim as well, not just the 101.5 million customers whose personal information have been disclosed. Malicious attacks like this are a serious crime, it is just unfortunate that Sony had not taken a few preventative measures to be sure our information was safe.

For more information on how to keep your data safe, visit our Data Loss and Regulations site to download free tools, papers and other advice on keeping your data safe.

Source :- http://nakedsecurity.sophos.com

  • Sony admits breach larger than originally thought, 24.5 million SOE users also affected (nakedsecurity.sophos.com)
  • Sony says data for 25 million more customers stolen (go.theregister.com)
  • Sony Breach Gets Worse: 24.6 Million Compromised Accounts At SOE (yro.slashdot.org)
  • “Sony Online Entertainment Promises PSN Network Back Online This Week” and related posts (news.lalate.com)
  • What Next? Sony Admits An Even Bigger Security Breach: 25 Million Accounts (paidcontent.org)
  • Sony Online Entertainment explains backtracking on safety of user data (joystiq.com)
  • Sony Reports 24.5 Million More Accounts Hacked (informationweek.com)
  • First PSN, now SOE: Sony’s Wounds Deepen (blogcritics.org)
  • PlayStation Network Not The Only Breach, Says Sony (webpronews.com)
  • You: 25m extra user detail theft: Sony (nation.com.pk)

By

A First Look at Facebook’s New Deals

Tomorrow, Facebook’s new Deals featurewill be launching in five cities around the U.S.; here’s a first glimpse of how those offers will look and function.

Facebook logo

Image via Wikipedia

First, users who opt into Deals will get to see opportunities specific to their locations. Those offers will arrive via email or, in some cases, will appear in the user’s news feed on Facebook.

To be clear, these aren’t like the checkin-based deals for mobile users that Facebook launched for its nascent Places platform; while the initial mobile Deals product competed with Foursquare, the new product competes more with Groupon.

Each deal will have its own Facebook landing page, as shown below. Users can “Like” a deal, share it via several channels on the site, or opt to buy it right away. When purchasing the deal, users can pay with credit card or Facebook Credits.

It’s unknown whether Facebook will make more money from Credits purchases than from traditional ones. A rep said via email, “We’re not disclosing details about revenue splits, but paying with Credits will work the same way as paying with a credit card. It’s simply another way for people to pay for Deals. We think this just makes things easier for people using Facebook.”

Check out the gallery below for a walkthrough of signing up for, finding, buying and sharing the new Facebook Deals.

Source -: Mashable Blog

  • A First Look at Facebook’s New Deals (fakeiitian.com)
  • A First Look at Facebook’s New Deals (mashable.com)
  • Facebook’s New Deals Product Coming to Five Cities Tomorrow (mashable.com)
  • Facebook Deals is launching tonight in five cities (thenextweb.com)
  • WCN Transmedia Group News: Facebook & Google Enter the Competition with Groupon (wcntransmedia.wordpress.com)
  • Looks Like Facebook Deals Is Being Unveiled Tonight With Credits And Partners In Tow (techcrunch.com)
  • Facebook Deals Launching Tonight In United States (blogherald.com)
  • Facebook Deals Begins Testing Tomorrow, to Include Credits, Syndication Partners (insidefacebook.com)
  • Facebook Tries Deals With A Social Twist (blogs.wsj.com)
  • No Teeth Whitening: Facebook Launches Group Deals To Bring Social Experiences Offline (searchengineland.com)
Close