{"id":16349,"date":"2019-09-18T06:00:02","date_gmt":"2019-09-18T14:00:02","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2019\/09\/18\/news-10090\/"},"modified":"2019-09-18T06:00:02","modified_gmt":"2019-09-18T14:00:02","slug":"news-10090","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2019\/09\/18\/news-10090\/","title":{"rendered":"There She Breaches! Watch Out For Your Identity Data!"},"content":{"rendered":"

Credit to Author: Trend Micro| Date: Wed, 18 Sep 2019 13:06:03 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Data breaches keep on coming. Here\u2019s what you can do to stay ahead of the hackers<\/p>\n

Money makes the world go around. It\u2019s the glue that holds our society together and the engine that drives our economy. But it\u2019s also coveted by a growing global population of highly resourceful and determined cyber-criminals. They\u2019re out to get what they can and their route to riches usually begins with the theft of data\u2014your<\/em> data. While sometimes it\u2019s stolen direct from individuals, there\u2019s a far bigger potential pay-off from hitting a company that may be storing personal data on millions of customers.<\/p>\n

These data breaches have become depressingly common in the 21st<\/sup> century. And over the past month or so another two firms have been found wanting \u2013 exposing a further 30 million customers. To keep ourselves insulated as much as possible from incidents like this we need to be alert, to track when breaches happen and if we\u2019re affected, and we need to plan ahead to protect the gateways to our digital lives: our digital IDs and passwords.<\/p>\n

Breaches are here to stay<\/strong><\/p>\n

So, what\u2019s the scope of the problem? Well, if cybercrime were a country it would have the 13th highest GDP in the world, generating as much as $1.5 trillion each year, according to some estimates<\/a>. And according to a new report,<\/a> there have been nearly 4,000 data breaches already in the first six months of 2019, a 54% increase on the same period last year \u2014 exposing 4.1bn records.<\/p>\n

A sophisticated underground economy offers hackers all the tools and expertise they need to launch attacks, and a thriving digital Dark Web<\/a> marketplace in which to sell stolen data to fraudsters and other cyber-criminals. Many do not even need technical skills to get started, they simply rent hacking kits as a service, point and click.<\/p>\n

This is what businesses are up against. As long as there\u2019s money to be made, there\u2019ll be a steady stream of cyber-criminals knocking at their door, testing their systems and trying to get in. The latest two to suffer major breaches of customer data are the popular online merchandise store CafePress<\/a> and the e-commerce firm StockX.<\/a><\/p>\n

We know by now that even the most secure business in the world can be hacked, as long as the attacker is determined enough. Instead, it\u2019s how the business responds to an attack that matters. Unfortunately, these two firms have been heavily criticized for various deficiencies including:<\/p>\n\n\n\n\n
<\/td>\n\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

What could hackers do with my password?<\/strong><\/p>\n

Stolen identity data can be used to impersonate victims online in identity fraud attempts, or in phishing attacks designed to grab even more sensitive data from the victim.<\/p>\n

However, a lot of the time it is the email-address-and-password combos that the hackers are after. Why? Because these are the virtual keys to our digital world \u2013 offering access to everything from online banking to our emails, cloud storage and even video streaming services.<\/p>\n

We all own so many online accounts today that password reuse across these sites and apps is commonplace. Remembering hundreds of complex, secure log-ins is simply unfeasible, so we go for one or two simple ones, and use them for everything.<\/p>\n

The problem is the bad guys know this, and use so-called \u201ccredential stuffing\u201d techniques to try the log-ins they\u2019ve stolen from CafePress, StockX, or the latest breached company, across multiple sites. They can run these at great speed, and use huge volumes of breached log-ins to try and crack open user accounts on other sites\/apps. They only have to be lucky a tiny fraction of the time to make it worth their while.<\/p>\n

This technique was behind an estimated 30 billion unauthorized log-in attempts in 2018<\/a>.<\/p>\n

With working log-ins, hackers could:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • Steal the personal identity information in your account to sell it to fraudsters<\/li>\n
  • Sell access to the account itself. The Dark Web is awash with stolen accounts for sale, offering free taxi rides (Uber), video streaming (Netflix) discounted travel (Air Miles) and much more. You might not notice until you next log-in that something is wrong.<\/li>\n<\/ul>\n<\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

What you can do<\/strong><\/p>\n

It\u2019s important than ever for consumers to get proactive<\/em> about their own data security, by utilizing an identity monitoring service, which notifies you when your credentials have been compromised or are being sold on the Dark Web; and by beefing up how you manage your online credentials\u2014your IDs and passwords\u2014using a password manager tool to create longer and stronger passwords. Trend Micro has solutions for both (see below).<\/p>\n

You should also consider adding a second layer of security by switching on two-factor authentication for any accounts that offer it. This will request another \u201cfactor\u201d such as a fingerprint, facial scan, or one-time SMS passcode[i]<\/a> in addition to your passwords. You can achieve the same end-result by downloading a handy 2FA app, such as Google Authenticator<\/a> or Authy<\/a>.<\/p>\n

Here\u2019s a checklist of other data security tips:<\/p>\n\n\n\n\n
<\/td>\n\n
    \n
  • Change your password immediately if a provider tells you your data may have been breached and make sure that all of your passwords across all of your online accounts are unique. Hackers will try to use stolen credentials to log in to other sites.<\/li>\n
  • Keep an eye on your bank account\/credit card activity<\/li>\n
  • Only visit\/enter payment details into HTTPS sites<\/li>\n
  • Don\u2019t click on links or open attachments in unsolicited emails<\/li>\n
  • Only download apps from official app stores<\/li>\n
  • Invest in AV for all your desktop and mobile devices<\/li>\n
  • Ensure all operating systems and applications are on the latest version<\/li>\n
      <\/td>\n<\/tr>\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

[i]<\/a> Note that one-time passcodes texted to your phone will not keep you safe if the hacker has access to your mobile phone number\/account. This has happened multiple times<\/a> in the past.<\/p>\n

How Trend Micro can help<\/strong><\/p>\n

Data breaches at firms like CafePress and StockX may be happening on an almost regular basis today, but Trend Micro offers two complementary services to reduce your risk exposure:<\/p>\n\n\n\n\n
<\/td>\n\n
<\/td>\n<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n

Staying vigilant about the integrity your online accounts, beefing up your access with 2FA, and using a password manager will contribute significantly to maintaining the safety of your identity in an unsafe world.<\/p>\n

_______________________<\/p>\n

[1] Note that one-time passcodes texted to your phone will not keep you safe if the hacker has access to your mobile phone number\/account. This has happened multiple times<\/a> in the past.<\/p>\n

The post There She Breaches! Watch Out For Your Identity Data!<\/a> appeared first on <\/a>.<\/p>\n

http:\/\/feeds.trendmicro.com\/TrendMicroSimplySecurity<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Credit to Author: Trend Micro| Date: Wed, 18 Sep 2019 13:06:03 +0000<\/strong><\/p>\n

\"\"<\/p>\n

Data breaches keep on coming. Here\u2019s what you can do to stay ahead of the hackers Money makes the world go around. It\u2019s the glue that holds our society together and the engine that drives our economy. But it\u2019s also coveted by a growing global population of highly resourceful and determined cyber-criminals. They\u2019re out to…<\/p>\n

The post There She Breaches! Watch Out For Your Identity Data!<\/a> appeared first on <\/a>.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[10378,10413],"tags":[10789,714],"class_list":["post-16349","post","type-post","status-publish","format-standard","hentry","category-security","category-trendmicro","tag-consumer","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16349","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=16349"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/16349\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=16349"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=16349"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=16349"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}