PROTECT YOUR INFORMATION
Personal Data is Cyber Treasure
05/15/06
It’s no secret the Internet has bred its share of innovation, changing the way we shop, bank, communicate, and do business. But where money’s changing hands, you can bet there’s a criminal writing a nefarious computer code to siphon a piece of it.
Our investigation into recent security breaches across the U.S. that compromised thousands of credit and debit cards is a grim reminder that you can never be too careful with personal information in a heavily wired world. The thefts weren’t just card numbers; included were personal identification numbers (PIN) on thousands of individual debit cards. The case is ongoing, so we can’t release details. But Dave Thomas, head of the computer intrusions section in our Cyber Division, cautions card holders to protect what criminals want most—information about you and your assets.
“They are looking for information that can be bought, bartered, and sold on the Internet,” said Thomas, who describes a criminal underworld that meets in shady online forums to trade bundled stolen card numbers like commodities on an exchange.
Here’s
a typical scenario: A careless employee downloads e-mail from an unknown sender and accidentally unleashes malicious code into the merchant’s computer system; the code quietly gathers customers’ card information; the hacker remotely collects the data, then prints new bogus cards or offers to sell or trade the raw information to a faceless entity in an online chat room full of like-minded hackers and black marketeers. The buyer could be from anywhere, which is how fraudulent charges from overseas could appear on your billing statement, even if your card is still securely tucked in your wallet.
“The
spread of high-speed communication has
brought with it an increase in cyber crimes,” Thomas
said, citing the ease with which criminals
overseas can bait their Internet traps
in the U.S. “Everyone else’s criminals
are our criminals.” Stolen cards played
a central role in the Mytob and Zotob worms
that originated overseas and wreaked havoc
on U.S financial and media companies last
summer.
Financial institutions that issue credit and debit cards are one of the biggest cyber targets. Recent studies show more than 35 percent of Trojan attacks in 2005 targeted the financial and banking sector. Six in 10 U.S. businesses believe cyber crime costs them more than physical crime.
“They’re
really not going after the person that’s
shopping online. They’re going after the
databases, ” Thomas said.
With that in mind, it’s all the more prudent to hold personal records close to
your vest by regularly reviewing credit reports and bank statements.
Online
scams should be reported to the FBI’s
Internet Crime Complaint Center (IC3). You
can learn more about Internet fraud and test
your web savvy at lookstoogoodtobetrue.com,
a website created to help prevent you from
becoming a fraud victim.
Resources: Cyber
Crimes Stories |
Cyber
Investigations |
Internet
Crime Complaint Center (IC3) |
InfraGard