In recognition of Data Privacy Day, “10 Don’ts” foreword author Tom Jelneck appeared on Fox35’s “Good Day Orlando” program about ways to keep your data safe from hackers and other thieves. You can watch the video via the link below — we are especially grateful to Tom for plugging the book on live TV!!
Direct Link: http://www.fox35orlando.com/good-day/83032189-video
In chapter 6 of 10 Don’ts, “Don’t Let the Snoops In,” we discuss in great detail NSA whistleblower Edward Snowden and the documents he released into the public domain.
The former spy, living in exile in Russia, currently only follows one other Twitter account — the NSA’s. But Snowden has quickly amassed over 1.1 million followers of his own, from all over the world — as shown in this animated GIF released by Twitter:
The @Snowden account carries a blue check mark, indicating that his identity has been verified by Twitter. His only substantive conversation so far has been with Neil deGrasse Tyson, the astrophysicist and all-around science-communicator-guy, who recently interviewed Snowden on his show Star Talk Radio.
Full story: Ars Technica
If you’re an American and haven’t yet created an account at irs.gov, you may want to take care of that before tax fraudsters create an account in your name and steal your personal and tax data in the process.
Recently, KrebsOnSecurity heard from Michael Kasper, a 35-year-old reader who tried to obtain a copy of his most recent tax transcript with the Internal Revenue Service (IRS). Kasper said he sought the transcript after trying to file his taxes through the desktop version of TurboTax, and being informed by TurboTax that the IRS had rejected the request because his return had already been filed.
Full story: Krebs on Security
As we point out in the very first chapter of 10 Don’ts, “Don’t Get Phished,” criminals are getting more sophisticated when they craft phishing scams. They’ll use real terminology, correct English, and proper company/organizational logos to increase the number of people fooled by these malicious emails.
Today, Virginia’s Attorney General Mark Herring (@AGMarkHerring) released a warning about a phishing scam being perpetuated via email, phone, and even social media:
Attorney General Mark R. Herring today warned Virginians to be vigilant for a major, ongoing “phishing” scam involving emails, phone calls, and social media messages purporting to be from the Attorney General and his office. The emails claim to be a “Final Legal Notification” from Attorney General Herring or his staff regarding debt owed to “Cash Advance, Inc,” or some variation thereof, or claim that an “arrest warrant” has been taken out on the recipient. The emails demand payment from the recipient to resolve the issues. In some cases, recipients may receive follow-up phone calls from the scammers perpetuating the fraud. The Attorney General’s Office does not operate in such a manner and the recipient should not respond to the emails or phone calls.
Full story: NBC 29
The records of as many as 80 million customers of Anthem Health Insurance were breached last week. Hackers may have obtained names, addresses, birthdates, medical histories, and other personal data of Anthem subscribers (or former subscribers), and are using this data in phishing attempts to further violate subscribers’ privacy.
So, if you’re one of the affected people, what should you do? ZDNet writer Violet Blue has put together a list of seven helpful steps to take to protect your data. Many of these precautions (such as two-factor authentication, password managers, etc.) are good ideas for everyone — not just Anthem victims — and we recommend many of these in 10 Don’ts on Your Digital Devices.
Full story: ZDNet
“Phishers and phone fraudsters are capitalizing on public concern over a massive data breach announced this week at health insurance provider Anthem in a bid to steal financial and personal data from consumers.
The flood of phishing scams was unleashed just hours after Anthem announced publicly that a “very sophisticated cyberattack” on its systems had compromised the Social Security information and other personal details on some 80 million Americans.”
Full story: Krebs on Security
“Anthem, the US’ second-largest health insurer, announced today that it was the victim of a cyber-attack last week, in which its database of about 80 million records — including names, birthdays and social security numbers — was compromised.
Anthem reports that other personal member data like addresses, phone numbers, email addresses and employment information was also stolen. However, the company says that it has no evidence to show that credit card numbers, medical history, diagnosis or treatment data were exposed.”
Too early to know the source of this hack, of course. But as we point out in 10 Don’ts, many of these attacks are made possible by human error — someone being phished or otherwise social engineered out of a password, someone storing private data in a public location, someone performing sensitive tasks over an open wireless connection, etc.
Full Story: The Next Web