Tag Archives: identity theft

Guess How Long It Takes For Thieves to Use Stolen Data?

The FTC recently did an experiment to see how quickly thieves used stolen data after it was posted on the dark web.

They created 100 fictitious consumers and gave them credit cards or bitcoin wallets.  Each fictitious consumer had a name, email and passwords as well.

They posted the data twice – first on April 27th and then again on May 4th.

There are two kinds of thieves, the FTC says.  Ones who run test transactions to see if the card still works and others who just make big purchases right off the bat.

After the data was published on May 4th, it took thieves NINE MINUTES to start using the data.  On April 27th, it took a little longer – NINETY MINUTES.

In either case, it says that it doesn’t take very long.

In total there were over 1,200 attempts to use the bogus accounts.  In addition, there were close to 500 attempts to access the bogus emails.  The attempted transactions were for more than $12,000.

One note that the FTC did make – none of the accounts that had two factor authentication enabled were accessed.   Almost everyone offers two factor authentication these days.  We recommend that you use two factor authentication whenever it is available.

Information for this post came from CNN.

Facebooktwitterredditlinkedinmailby feather

Merry Christmas – Is Your Child A Victim of Identity Fraud?

Now that Christmas has come and gone and your kids are actively playing with their new goodies, have you considered protecting their identities from fraud?

Two recent breaches bring the subject to the forefront.  VTech Holdings, the Hong Kong based toy maker offers an app store called Learning Lodge and messaging system called Kid Connect.  In November, after a journalist told them they had been hacked, they said that information on almost 5 million adults and 200,000 kids had been taken.  A few days later they revised that to 6.4 million kids.

This month, the toy maker Sanrio, who makes the Hello Kitty line of toys, among others, was hacked and exposed information on over 3 million customers.

In both cases the data was not encrypted, although since we don’t have details of the attacks, we do not know if encryption would have helped.  In the Sanrio case, the user’s passwords were not encrypted – that we know is a problem.

So why are kids especially vulnerable?  Because attackers know that parents do not look for identity fraud for their kids.  If someone assumes your kid’s identity, it is likely that you will not discover it.  In theory, an attacker cannot open a credit card in your kid’s name, if your kid is under 18.  In theory.  There are plenty of other kinds of fraud to consider.

In fact, according to the Tech Times article:

If an adult looking into getting a “free ride” for a few days, months or, worse, years, is able to obtain that clean slate and claim it as theirs, they can start using your child’s information to mask their own identities. They wouldn’t have much of a problem with getting caught too soon unless the parent decides to check up on their child’s record and discovers the anomalous activity.
The affected child could wake up many years later as an adult prepared to lead a responsible life only to find out they already have a bad credit score and incurred a huge debt.

For parents, this means monitoring what your kids are doing online, checking their credit reports and generally being observant. 

Just in case you think I am a member of the tin foil hat crowd, I am.  By the way, MIT did some research and discovered that for certain raido wave frequencies, tin foil hats actually increase the amount of radio waves absorbed, but I digress.  A quick Google search shows that even the Federal Trade Commission has a page on child identity theft (see here).

So while your kids play with their new toys, now is the time to start training them about identity theft.



Information for this post came from Techtimes and CNBC.

Facebooktwitterredditlinkedinmailby feather