Robert Siciliano is a NextAdvisor.com Expert Guest Blogger
Phishing continues to become more sophisticated, more efficient and widespread. According to Symantec, a 52% increase in phishing scams took place in July alone. Computerworld reports that basic phishing emails successfully led the company bank accounts being completely emptied. Criminal hackers waited until Pennsylvania schools administrators were on vacation and then used simple money transfers to liquidate more than $ 440,000 between December 29 and January 2.
Much of phishing that today product is "spear phishing," in which spammers concentrate on a localized target, usually a person having control over the checkbook of a company. This insidious type of phishing occurs when a recipient clicks on a link, either in the body of an email or on the spoofed website linked in the email, and a download begins. This download is almost always a virus with a remote control component, which gives full access to the phisher user data, including user names and passwords, credit card and account details banking and social security numbers. Malicious software can be attached to the web browser of the victim, where he expects the victim to connect to a banking site before embarking. When the victim log into his bank account, the software sets up new beneficiaries and money transfers to criminal hacker.
In the hack of the school, the software adds 42 people to its payroll during the Christmas holiday and quickly began to pay. The issuing bank has received 74 transfer requests during the four-day period.
When the consumers' bank accounts are emptied, federal regulations limit their liability to $ 50, as long as the victim reports theft in a defined period of time. But things are much more complicated for companies and other entities. Whether or not the victim is responsible for the missing money varies from bank to bank.
Protect your yourself. First, click on any link in an email unless you are 100% sure of its legitimacy. Every time I receive an electronic statement from a bank or credit card company, I go to my menu favorites or type in the address manually, rather than clicking on the link in the email. I take this extra step because I'm only 99.9% that the email is legitimate. You should also consider getting a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief. And invest in identity theft protection. All forms of protection against identity theft can be prevented, but identity theft protection services can dramatically reduce your risk. Make sure your browser is updated to the latest version from an outdated web browser is often riddled with holes worms can crawl through. Make sure your Internet security software is updated and configured to run automatically. And check your bank statements online frequently.
Robert Siciliano, identity theft speaker, discusses phishing.
Robert Siciliano is CEO of IDTheftSecurity.com, an expert on identity theft, professional speaker, security analyst, published author and television news correspondent. Siciliano works with Fortune 1000 and start-up companies as a consultant on product launches, branding, messaging, representation, SEO and media. the thoughts and advice of Siciliano on all these issues often appear in both television and print media news, including CNN, MSNBC, CNBC, FOX, Forbes and USA Today. He has 25 years of safety training as a member of the American Society for Industrial Security. He is the author of two books, including The Safety Minute: Living on high alert; How to take control of your personal safety and to prevent fraud . He also established a partnership with Uni-Ball to help raise awareness of the growing threat of identity theft and provide tips on how you can protect yourself.