cybercrime

Current State of Cybercrime in 2016

The bon mot that “crime doesn’t pay” certainly predates the advent of cybercrime. Today, these digital hold-ups against businesses are highly profitable.  Let’s face it: if cybercrime was a publicly traded stock, realizing the return on investment, we’d all be on the phone with our respective broker begging for them to include it in our…

MySpace and Tumblr Breaches Put Other Consumer Brands on Alert

With the unveiling of two more “mega breaches” this morning, the headlines and news cycles are clamoring for continued updates.  The more serious of the two involved the breach at MySpace with 427 million email addresses and linked passwords stolen.  The other involved 65 million unique emails and passwords stolen from the popular site, Tumblr. …

New PCI Multifactor Authentication Rules: Is it Too Late?

The PCI Security Council just extended its requirements for multi-factor authentication to anyone who has access to credit card data. These requirements, which comes on the heels of the European Parliament adopting its revised Directive on Payment Services (PSD2) late last year, require strong authentication for all Internet transactions. PSD2 also introduces strict security requirements…

Not on My Dime: When Fraudsters Take a Phantom Ride

As any parent with children in sports knows, it is simply not possible to be in two places at the same time.  I have tried to defy the laws of time and space by magically appearing at two different baseball fields when my sons’ games are conveniently scheduled at the same time on different fields…

LinkedIn Breach: The Death of Passwords Has Finally Arrived

The headline screamed at me this morning when I opened my inbox, “117 million LinkedIn user credentials compromised.”  I had no reaction as I went to get my first cup of coffee.   Credentials have become a commodity to hackers and are sold widely and cheaply in different venues—both in the deep-and open-web.   Stolen credit cards…

Fraud Investigation: A Big Job for Small Teams

RSA recently conducted a survey among security and fraud investigation professionals within the e-commerce industry to gauge the cyber threats and business challenges that plague them most.  While many interesting insights emerged, there was one that stood out: finding the source of fraud takes too long. Among the observations and conclusions: Detecting fraud/suspicious activity isn’t…

The Industrialization of Cybercrime: Driving Innovations in Security

If you compare the world of cybercrime now to that of 10 years ago, there really is no comparison. Whether one measures its impact through estimated profits – which some estimate as now surpassing those of the profits for illegal drugs – or from the scale, scope, and sophistication of available “black hat” services and…

Find Friends and Credit Cards on Facebook: The New Cybercrime Reality

Social media attracts all kinds. These sites are used for catching up with friends on Facebook, instant news dissemination on Twitter, partisan political viewpoints expressed in online forums, real-time reach outs on Snapchat, professional networking on LinkedIn — and now, not surprisingly, they’re used as global havens for cybercrime. With the release of the second…

Ransomware: The New Cyber Kryptonite

And then, there was irony. While Apple has been able to hold out against the FBI demanding it produce a backdoor into the iPhone used in the recent San Bernardino attack, it was unable to render a similar defense against a strain of ransomware that recently, albeit briefly, infected its own Mac computers. The recent…

A Tale of One Password and Unhappily Ever After for Retailers

Do you recycle? I’m not talking here about paper, glass and aluminum waste. I mean online passwords.  For most consumers, password recycling is a given which exposes them to a wide variety of other identity theft risks.  However, poor identity management practices on the part of consumers also puts retailers and e-commerce merchants at risk…