ID Theft and Data Breach Events Will Continue to Threaten Your Personal Privacy in 2019
Vice President and ID Theft Practice Leader
At the end of each year, leading identity theft and cybersecurity companies release reports predicting upcoming cybersecurity risks and trends to help consumers and businesses stay ahead of evolving threats and cyberattacks.
In just the last two weeks, three such reports have been released by Experian, CSO and Webroot with predictions ranging from ransomware, spear phishing, cryptojacking, biometrics, the IoT (Internet of Things) and the GDPR (General Data Protection Rule).
The one report I would like to highlight is the Experian sixth annual Data Breach Industry Forecast, where for consumers, knowing what to do if you become a victim of a data breach can make all the difference in protecting your data and your identity.
Here are Experian's five data breach predictions for 2019:
- Biometric Hacking
Attackers will zero in on biometric hacking and expose vulnerabilities in touch ID sensors, facial recognition, and passcodes. Biometric data has been considered the most secure method of authentication, but it can be stolen or altered, and sensors can be manipulated and spoofed or deteriorate with too much use.
This is the next frontier for an enterprise-wide attack on a major financial institution's national network, and it could result in millions of lost dollars. Credit card skimming uses hidden devices designed to steal card information and passcodes. Criminals are now going after bank networks, moving beyond attacking individual ATMs by loading malware into entire computer systems.
- Major Attack on Wireless Carrier
A major wireless carrier will be attacked with a simultaneous effect on both iPhones and Androids, stealing personal information from millions of consumers smartphones and possibly disabling all wireless communications in the United States. Similar to an attack on critical infrastructure, a serious disruption to a wireless network could halt business, government, and more.
- Cloud Breach
It's a matter of when, not if, a top cloud vendor breach will occur, compromising the sensitive information of major companies. The only question is how long it will take hackers to go to the cloud, affecting the world's largest companies and potentially billions of pieces of data.
The online gaming community will be an emerging hacker target, with cyber criminals posing as gamers and gaining access to the computers and personal data of trusting players. A cybercriminal can easily pose as a gamer or take over an avatar to infiltrate games and communities, stealing personal and credit card information and valuable game pieces and tokens.
In addition to the above, here are two great forecasts from CSO titled 9 Cyber Security Predictions for 2019 (please see here) and Webroot titled What's Next? Webroot's 2019 Cybersecurity Predictions (please see here).
As I mentioned, these reports offer predictions on cybersecurity trends to help consumers and businesses anticipate future risk.
From disrupting businesses with hacking and data breach events to creating havoc with consumer's personal privacy – education is the number one way to mitigate your risk in 2019.
That said and after reading these three reports, I hope you enjoy a good night's sleep along with a Happy Holiday Season and more importantly a Happy New year!
To learn more about these threats and how to protect yourself and your family from Identity Theft, you can read my past newsletters at the Merchants Identity Theft Educational Website at www.idtheftedu.com.
BBB Warns About Cell Phone Porting Scams
By Better Business Bureau of Central Oklahoma. November 29, 2018.
Did you know that with a few easy steps someone could steal your phone number and phone service? A new type of scam has been happening across the country and is a new way for scammers to steal your hard earned money, and even your identity. The scariest part is that this type of scam, called porting or port-out scamming, is that it can help scammers get past added security measures on personal and financial accounts and logins.
To put it another way, think of how many times you have set up an email address, social networking, or logged onto your bank account online or had to change your password. How many times did you have to verify your identity by being sent a code via text message? Now what if you weren't the only one who was reading that message? This new type of scam absolutely could bypass that layer of security and has a huge potential for your identity to be stolen faster than you think. Luckily you can protect yourself and your Better Business Bureau® is here to help you identify and protect yourself.
What is a cell phone porting or port-out scam?
A scammer finds out your name and phone number and then attempts to gather as much personalidentifiable information (PII) as possible about you. PII includes name, address, Social Security number (Social Insurance number in Canada), date of birth, and other information that can be used for identity theft. They then will contact your mobile provider, impersonating you, and inform them that your phone was stolen and request the number be "ported" with another provider and device. In some cases, if they were really brave and in a retail location and/or online, they might even try to buy a new phone which could make a sales representative incentivized to quickly fulfill their request and forgo some formal verification procedures.
The scariest part? Once they have your number ported to a new device they can then start accessing and gaining entry to accounts that require additional authorization in terms of a code texted directly to your phone for security verification. Those added security measures are usually in place on accounts provided by email providers, social networks, tax preparation software, and even financial institutions.
BBB offers these tips to help protect yourself from this specific type of scam:
- Inquire with your wireless provider about port-out authorization. Every major wireless has some sort of additional security for accounts or for port-out authorization that customers can set up, like a unique pin, or add verification question, which will make it more difficult for someone to port-out your phone. Contact your mobile provider and speak to them specifically about porting and/or port out security on your account.
- Watch out for unexpected "Emergency Calls Only" status. Call your mobile phone company if your phone suddenly switches to "emergency call service only" or something similar. That's what happens when your phone number has been transferred to another phone.
- Be vigilant in about communications you receive. Watch out for phishing attempts, alert messages from financial institutions, texts in response to two-factor authorization requests.
For more tips on how to protect your personal information and guard yourself against identity theft click here.
If you've fallen victim to this type of scam, alert your mobile provider, financial institutions and take the standard steps to combat identity theft. Also, BBB encourages you to file a report on BBB ScamTracker and be a hero to your community by warning others.
Stay up on the latest scams by subscribing to BBB Scam Alerts emails. BBB Serving Central Virginia contributed to this report.
If you believe your identity has been stolen, call 866.SMART68 today!