420 likes | 571 Views
IF YOU THINK THAT YOUR CREDIT OR DEBIT CARD WAS COMPROMISED... Presented by Ira Wilsker Associate Professor of Management Lamar Institute of Technology Beaumont, Texas. IF YOU THINK THAT YOUR CREDIT OR DEBIT CARD WAS COMPROMISED...
E N D
IF YOU THINK THAT YOUR CREDIT OR DEBIT CARD WAS COMPROMISED... Presented by Ira Wilsker Associate Professor of Management Lamar Institute of Technology Beaumont, Texas
IF YOU THINK THAT YOUR CREDIT OR DEBIT CARD WAS COMPROMISED... According to the Bureau of Justice Statistics, in a report released recently (December 12, 2013), " An estimated 16.6 million people, representing 7 percent of all persons age 16 or older in the United States, experienced at least one incident of identity theft in 2012.“ If 2014 has a similar identity theft rate to the rate in 2012, about one in 14 of us will be the victim of identity theft this new year. With the explosion of the recent massive data thefts in our retail sector, I would not be surprised to see the absolute number of identity theft victims as well as the rate of victimization increase substantially this year. We will discuss the proactive steps we can take to harden our financial protections and reduce the identity theft risks.
Target: Data breach caught up to 70M customers Associated Press – Fri, Jan 10, 2014 NEW YORK (AP) — Target's pre-Christmas security breach was significantly more extensive and affected millions more shoppers than the company reported last month. The nation's second largest discounter said Friday that hackers stole personal information — including names, phone numbers as well as email and mailing addresses — from as many as 70 million customers as part of a data breach it discovered in December. Target Corp. disclosed last month that about 40 million credit and debit cards may have been affected by a data breach that happened between Nov. 27 and Dec. 15 — just as the holiday shopping season was getting into gear.
Users should not use street address, birthday, anniversary, last four digits of social security number, or any other identifiable PIN number, but should instead use a somewhat random number for their new PIN.
AUTHENTIC EMAILFROM TARGET ON JANUARY 15, 2014INFORMING CUSTOMERSOF FREE CREDITMONITORING AND ID THEFT SERVICES
Target announced that we would offer one year of free credit monitoring and identity theft protection to all Target guests who shopped U.S. stores, to provide an added safeguard following the recent data breach. https://creditmonitoring.target.com
UPDATE- January 24 – Neiman Marcus to offer a year of free credit monitoring to customers who shopped in their stores from January 2013 to January 2014 Details on website
Hotel Franchise Firm White Lodging Investigates Breach January 31, 2014 White Lodging, a company that maintains hotel franchises under nationwide brands including Hilton, Marriott, Sheraton and Westin appears to have suffered a data breach that exposed credit and debit card information on thousands of guests throughout much of 2013, KrebsOnSecurity has learned. Multiple sources in the banking industry began sharing data indicating that they were seeing a pattern of fraud on hundreds of cards that were all previously used at Marriott hotels from roughly March 23, 2013 on through the end of last year. All of those locations are managed by Merrillville, Indiana-based White Lodging Services Corporation, which bills itself as “a fully-integrated owner, developer and manager of premium brand hotels.” According to the company’s Web site, White Lodging’s property portfolio includes 168 full service hotels in 21 states, with more than 30 restaurants.
An advertisement for “Eagle Claw,” a base of more than 2 million card “dumps” stolen from Target
I’ll Take 2 MasterCards and a Visa, Please (Identity theft victims) probably have no idea that their credit card information is worth about $1.50 for U.S. accounts, and $4 (USD) for accounts belonging to U.K. residents on the “carder” website, rock3d.cc. This is one of many sites where one can buy stolen Visa, MasterCard, Discover and Amex card information. The trouble is, the minute you seek to narrow your search using the built-in tools, the site starts adding all these extra convenience fees. For a premium, you can obtain “fullz,” or the card data plus other useful information about cardholders, such as their date of birth, mother’s maiden name, etc.
Card shopping options at mn0g0.su Included in the mn0g0.su database are more than 81,000 sets of credit and debit card numbers, along with their associated expiration dates and card security code. Each listing also includes the owner’s name, address and phone number and/or email address. The Social Security number, mother’s maiden name and date of birth are available for some cardholders. The site does not accept credit card payments; shopper accounts are funded by deposits from “virtual currencies,” such as WebMoney and LibertyReserve (and now, BitCoins).
Non-US Cards Used At Target Fetch Premium LOCATION OF TARGET STORE
CANADIAN BANK CARDS USED AT U.S. TARGET STORES FETCH PREMIUM PRICES LOCATION OF TARGET STORE
According to the “base” name for all stolen cards sold at this card shop, the proprietor sells only cards stolen in the Target breach. LOCATION OF TARGET STORE
THERE ARE SEVERAL FACTORS THAT DETERMINED THE PRICE OF THE STOLEN TARGET CREDIT AND DEBIT CARDS: THE CREDIT LIMIT ON THE CARD, EXPIRATION DATE, LOCATION OF ISSUING BANK, TYPE OF CARD, ETC.
Despite the massive nature of these data thefts, other than some inconvenience, there is little likelihood that any significant number of victims will suffer any material financial losses. According to Wikipedia, “The liability of a U.S. debit card user in case of loss or theft is up to $50 USD if the loss or theft is reported to the issuing bank in two business days after the customer notices the loss. If the physical credit card is not lost or stolen, but rather just the credit card account number itself is stolen, then Federal Law guarantees card holders have zero liability to the credit card issuer. Almost all of the financial institutions issuing debit and credit cards have a "zero liability" policy that holds financially harmless any consumers who may have been the victims of credit fraud.
With so many victims of this massive cyber theft, a second wave of related criminal activity has already commenced; many victims have reported receiving "spear phishing" emails (targeted spam emails), telephone calls, and text messages offering to help restore the victims' credit, recover unauthorized charges, and offer "protection" services. Preliminary investigations indicate that these are predominately scams carefully orchestrated to illicitly obtain additional funds from the victims, and to garner additional personal information in order to enhance the effectiveness of the identity theft.
On the heels of yet another announcement of a consumer information hack, the Consumer Financial Protection Bureau has issued a consumer advisory to help consumers protect themselves and where to get help if they suspect their information has been compromised. • Monitor accounts for unauthorized charges or debits; • Alert your bank or card provider immediately if fraud is suspected; • Follow up with the bank or card provider and maintain records; • Avoid scams that ask for personal information over email or by phone.
CREDITKARMA.COM OFFERS “REALLY FREE” CREDIT MONITORING AND CREDIT SCORES
QUESTIONS? DISCUSSION? Ira Wilsker ira.wilsker@lit.edu