» Welcome to ScamSafe

Identity theft protection, scams, fraud, privacy, credit reports and credit scores are what ScamSafe is all about.

Security Tip: The best background check time is when you are dealing with anyone who is not licensed in their field.

» Utah CTO takes fall for data breach

The executive director of Utah's Department of Technology Services has resigned over a data breach two months ago that exposed the Social Security numbers and other personal data of about 280,000 Medicaid recipients.

Utah Governor Gary Herbert announced the resignation of Stephen Fletcher on Tuesday.
In a statement, Herbert also described various initiatives underway that aim to mitigate the risk of similar breaches in the future.

The State's plan includes an independent audit of all IT security systems, the appointment of a new health data security ombudsman and a continuing investigation of the breach by law enforcement personnel.

More

» Banks are complacent about check fraud

Many banks are complacent about check fraud, perhaps because it's been around for so long. And yet, according to the 2012 Faces of Fraud survey, it remains the second-most common form of fraud institutions face.

Another reason for the complacency? Check fraud seems minor, relative to escalating fraud threats posed by emerging e-commerce channels. "Banks perceive the risk to be much higher in the electronic-payment channels," Tubin says. "With check fraud, they've been dealing with it forever, and they're used to it."

But the lines between old-school schemes such as check fraud, and emerging e-commerce scams are blurring. The advent of check images has married the check to the online channel. And financial institutions that continue to rely on manual processes to detect check fraud find themselves challenged by new cross-channel schemes.

More

» BitCoin hacked, More than 18,000 Bitcoins Stolen

Bitcoinica, a Bitcoin exchange started by a 17-year old teenager Zhou Tong, has been shut down for security investigations. It’s believed that at least 18,000 BTC ($90,000 or 68,000 EUR) have been stolen.
 
News of the hack was posted this morning by Bitcoinica's founder, Zhou Tong:"Today, we have discovered a suspicious Bitcoin transaction that doesn't seem to be initiated by any one of the company owners. Some of them are not online at the moment so this is not conclusive.

More

» 700,000 CA social services records lost

The California office of In-Home Supportive Services, which provides health support to elderly and disabled people, reported on Friday that the personal records of some 700,000 caregivers and care recipients were either lost or stolen.

But this data loss was not due to a server breach, or some complex phishing attack—instead, the Social Services office said that Hewlett Packard, which manages the data controlled by the office, notified the IHSS of the breach after a physical package containing microfiche with thousands of entries of payroll data went missing from a damaged package shipped by U.S. Postal Service to the State Compensation Insurance Fund in Riverside, CA.

As the package arrived damaged and incomplete, it’s unclear whether the information was lost or stolen, but the state has launched an internal investigation and notified law enforcement in the hopes of resolving the issue, according to the Los Angeles Times. "The possibly compromised information, dating from October to December 2011, for 375,000 workers included names, Social Security numbers and wages. For 326,000 recipients, state identification numbers may be at risk,” the LA Times reports. The In-Home Supportive Services office is also sending out hundreds of thousands of letters to potentially affected parties.

» Your Dead Relative Could be a Victim of Identity Theft

Your lost loved one's financial identity could come back to life in a most unsettling way -- 2.5 million deceased Americans' identities are misused every year, according to ID Analytics, an ID theft risk assessment company. The company's research arm compared the names, Social Security numbers and birthdays listed on applications for credit against the Social Security Administration's master file of deaths to come up with those numbers.

ID Analytics says crooks intentionally steal the identities of about 800,000 deceased Americans each year. The company says identity thieves also make up Social Security numbers, and inadvertently make matches with about 1.6 million people a year who have died.

In addition, ID Analytics detected a disturbing pattern of theft of financial information belonging to people who were dying. It's easy to see how that could happen, since people who are gravely ill can easily lose track of the details of their finances. When you break it down, ID Analytics says con artists use dead people's identities more than 2,000 times a day.

» UNC-Charlotte Data Breaches Expose 350,000 SSNs

Confidential data, including bank account and Social Security numbers for some 350,000 University of North Carolina-Charlotte students, staff and faculty, were accidentally exposed -- some for almost 15 years -- due to a system misconfiguration and incorrect access settings that made electronic data publicly available.

The school on Wednesday released a statement on an investigation it launched in February after staff discovered the data breach. The investigation revealed two separate incidents exposed data such as names, addresses, Social Security numbers and financial account information provided during university transactions.

One incident involved misconfigurations and incorrect access settings made during a general university system upgrade that left data stored on the university's H: drive exposed on the Internet from Nov. 9, 2011 to Jan. 31, 2012.

More

» Over 300,000 Complaints of Online Criminal Activity Reported in 2011

FBI's IC3 2011 Internet Crime Report Released 

The Internet Crime Complaint Center (IC3) today released the 2011 Internet Crime Report—an overview of the latest data and trends of online criminal activity. According to the report, 2011 marked the third year in a row that the IC3 received more than 300,000 complaints. The 314,246 complaints represent a 3.4 percent increase over 2010. The reported dollar loss was $485.3 million. As more Internet crimes are reported, IC3 can better assist law enforcement in the apprehension and prosecution of those responsible for perpetrating Internet crime.

In 2011, IC3 received and processed, on average, more than 26,000 complaints per month. The most common complaints received in 2011 included FBI-related scams—schemes in which a criminal poses as the FBI to defraud victims—identity theft, and advance-fee fraud. The report also lists states with the top complaints, and provides loss and complaint statistics organized by state. It describes complaints by type, demographics, and state.

“This report is a testament to the work we do every day at IC3, which is ensuring our system is used to alert authorities of suspected criminal and civil violations,” said National White Collar Crime (NW3C) Center Director Don Brackman. “Each year we work to provide information that can link individuals and groups to these crimes for better outcomes and prosecution of cases.”

Acting Assistant Director of the FBI’s Cyber Division Michael Welch said, “Internet crime is a growing problem that affects computer users around the world and causes significant financial losses. The IC3 is an efficient mechanism for the public to report suspicious e-mail activity, fraudulent websites, and Internet crimes. These reports help law enforcement make connections between cases and identify criminals.”
IC3 is a partnership between the Federal Bureau of Investigation, the NW3C, and the Bureau of Justice Assistance. Since its start in 2000, IC3 has become a mainstay for victims reporting Internet crime and a way for law enforcement to be alerted of such crimes. IC3’s service to the law enforcement community includes federal, state, tribal, local, and international agencies that are combating Internet crime.

» Three Reasons Skimmers Are Winning

Banks and credit unions say that losses linked to card-skimming and other sources of debit card fraud are increasingly concerning.

Arrests and financial losses linked to skimming continue to add up. Why do many institutions struggle to thwart attacks waged against ATMs and the vestibules that house them? 

Mike Urban, a financial fraud expert with Fiserv, a core processor that provides security services to financial institutions, says anti-skimming technologies just can't keep up.

Beyond outdated card technology, a number of factors have contributed to ATM skimming's success. Cardholder behavior, outdated or ineffective anti-skimming technology and too many endpoints are the top three, experts say.

More

» Three Keys to Mobile Security

Mobile banking is being adopted by consumers at an increasing rate, but it's just one piece of the overall mobile financial services puzzle. As the mobility trend grows, banking institutions are still figuring out how far ahead they should look, and what strategies make the most sense.

But Paul Smocer, president of BITS, the technology policy division of the Financial Services Roundtable, says most institutions are doing much more than some observers give them credit for doing. Banking/security leaders are very concerned about mobile, and they're doing what they can to anticipate risks.

During this interview, Smocer discusses:

Three key areas that make up mobile financial services: 1) banking, payments and mobilized traditional services, such as remote deposit capture; 2) Why mobile payments poses the greatest security risks; 3) Steps BITS is taking to address mobile concerns, especially as they relate to FFIEC conformance.

 

More

» Five tips for small biz to protect against security threats

The threat landscape on the Web is becoming more perilous. Security software maker Symantec, in its annual "Internet Security Threat Report" released April 30 found that even as the number of vulnerabilities in 2011 fell by 20 percent over the previous year, the number of malicious attacks grew 81 percent. 

The trend is similar to what Hewlett-Packard saw. In its "Top Cyber-Security Risks Report," announced April 19, HP officials also found that the number of vulnerabilities last year fell by 20 percent, but that the risks involved in those vulnerabilities grew. HP also found that the number of cyber-attacks more than doubled in the second half of 2011. And small and midsized businesses (SMBs) are in the thick of it. More than half of the targeted attacks seen in 2011 were aimed at organizations with fewer than 2,500 employees, and almost 18 percent targeted companies with fewer than 250 employees. The Internet has been a boon for SMBs, making it easier than ever before to do business. But it also raises the threats to smaller companies and their IT departments. 

The biggest risk is seeing their intellectual property, customers’ information or financial transaction data fall into the wrong hands. SMBs need to protect themselves, and Symantec has some ideas how.

More