Authentic8 Blog Category: Identity

Can You Trust Your Tax Preparer?

social-do-you-like-e-filing-your-taxes-so-do-tax-refund-fraudsters.pngIDENTITY

IRS forms can suck the joy right out of a wonderful April day. Do you prefer online tax filing? Guess what: so do cyber criminals. Also on their target list: CPAs and local tax preparer offices.

The IRS expects damages from tax refund fraud - somebody filing for a refund, using a stolen identity - to rise to $21 billion this year. This increase is in part due to the widespread use of e-filing services by taxpayers.

While such services make filing for a refund easier, some Internet tax filing platforms are also known to fuel tax fraud. Organized scamsters use them to automate their scheme online.

That tax refund you expected? The one that’s long overdue? It may have been paid out already, but to somebody else: to a tax scam artist.

As a victim of tax refund fraud, up to nine months can pass before you finally receive your money. That’s on average how long it takes

Your data has been leaked - now what?

2015-06-21_Ars-TechnicaIDENTITY

The math isn’t good. Since 2013, more than 1 billion records containing personally identifiable information (PII) have been compromised. From credit card purchases at hardware stores to government background checks, your data is on servers completely outside of your control. And it appears that the owners of those servers haven’t cared about securing your data as much as you have. So your data has been leaked. Your world is changed, and here are 6 steps to take to get back in control of the situation -- a few of them immediately, the rest over time.

Do this TODAY!

Acknowledge that you are a victim. Say it to yourself: “My data has been stolen and will probably be sold to the highest bidder.” That realization should permeate your behavior. Where you used to click links, enter passwords in fields, or throw official-looking mail in the trash, now you can’t. Try to assess everything you receive from the perspective of

Protect Yourself from the Anthem Data Hack

img_2015-02-27_Anthem-Facts

IDENTITY

This article isn’t for everyone - only eighty million of you (or 78.8 million to be more precise). That’s the whoppingly huge number of Anthem Health Insurance customers whose personally identifiable information (PII) is now in the hands of internet thieves. If you’re a current or former Anthem subscriber (or a Blue Cross Blue Shield subscriber who received services from Anthem), crooks probably have your full name, birth date, member ID data, street address, phone number, email address, and employment information.

Armed with your PII, these criminals (or the people who buy your PII on the black market) are cooking up ways to steal from you. Here’s a partial list of what they might be considering:

  • Registering for credit cards under your name and going on shopping sprees.
  • Foisting their income taxes on you. If a fraudster gives their employer your social security number, you’re on the hook to the IRS for the crook’s

Trusting third parties can lead to second-rate security

img_2014-10-13_GuardianIDENTITY

Over the weekend, news broke that hundreds of thousands of individual users of SnapChat (many under the age of 18) fell victim to compromise through a third-party service called SnapSaved, reportedly perpetrated by the same group responsible for leaking the celebrity photos. And Dairy Queen revealed that they were the latest in a growing list of retailers that have had customer credit card information stolen as a result of malware installed by hackers using stolen passwords from third-party contractors. Just yesterday, hackers claimed to have stolen almost 7 million Dropbox credentials by compromising a third-party site.

The common thread: the victims, whether individuals or a large company, trusted third parties and paid a steep price as a result. It’s true that adoption of web apps has lead to an increase in productivity and even, according to this report, security. But reliance on third parties also magnifies the damage that unauthorized access can cause. Businesses of all sizes can protect themselves

Does changing your password really make a difference?

img_2014-10-07_Gizmodo

IDENTITY

One of the most common pieces of advice in the wake of a major security breach is to change your password. Often. Let’s take a look at a competing argument: Don’t change your password because frequent changes won’t really keep you safe. The basic gist is this: regularly changing your password gains you nothing because if you’re not already compromised, you’re just swapping out a secure password for another secure password.

Earlier this year, Kirk Lennon published a blog espousing this point of view. But it’s nothing new. In 2010, Computerworld offered similar advice, and in 2012, Gizmodo published this tongue-in-cheek piece balancing security needs with sanity.

If someone compromises your account through script hacking, they’ll most likely change your password immediately to solidify their control of your account. Ultimately, frequent password changes offer minimal security benefit with more inconvenience. And the more often you change your password, the more likely it is that