Showing posts with label skimmers. Show all posts
Showing posts with label skimmers. Show all posts
Friday, June 13, 2014
Your Secrets Aren't Safe
Data thieves are after your most private info—when you use Wi-Fi and shop online, and even when you store files in the
cloud
Wednesday, May 14, 2014
Monday, April 07, 2014
Now drones are being used to expose bank details and passwords
Hackers manage to access 150 phones an hour through Wi-Fi
Experts in London have proved it's possible to use drones to steal data
They modified an aircraft capable of tapping into a phone's Wi-Fi settings
Once it had access, it was able to read and steal personal information
Called Snoopy, the drone takes advantage of smartphones that actively search for networks
From this it can also see networks those devices have accessed in the past
During tests, hackers exposed credit card information and passwords
By Sarah Griffiths
News that hovering drones can now steal passwords from unsuspecting phones will do little to ease fears that the widespread use of unmanned aircraft could infringe upon our privacy.
Hackers in the U.S have managed to 'steal' information, including Amazon passwords, bank details and even people’s home addresses using an aircraft.
While it might sound like the crime of the century, the exercise was an experiment to show it is possible to use drones to tap into a smartphone’s Wi-Fi settings and access valuable information
Hackers have proved that it is possible to steal information, including Amazon passwords, bank details and even home addresses from smartphones that have Wi-Fi turned on, using specially adapted drones (a stock image of a quadcopter is pictured)
The test was conducted in London and the group will share their findings at the Black Hat Asia cybersecurity conference in Singapore next week, CNN reported. The drone, known as Snoopy, seeks out smartphones that have Wi-Fi turned on. It then makes use of built-in technology which can see what networks the phones have accessed in the past. In theory, almost any drone could be adapted to do this. HOW CAN A DRONE STEAL SOMEONE'S IDENTITY? The drone, known as Snoopy, seeks out smartphones that have Wi-Fi turned on. It then makes use of built-in technology which can see what networks the phones have accessed in the past. In theory, almost any drone could be adapted to do this. Phones 'noisily' reach out to networks, according to the experts. Snoopy looks for this activity and when hovering nearby it emits a signal masquerading as another network. The phone ‘trusts’ that it is accessing a trusted Wi-Fi network but instead connects to the quadcopter's network. Snoopy can then intercept everything a smartphone sends and receives and allows skilled hackers to see passwords, bank details and the phone's location. . London-based Sensepost security researcher Glenn Wilkinson, said: ‘Their phone will very noisily be shouting out the name of every network its ever connected to. 'They'll be shouting out, “Starbucks, are you there?...McDonald's Free Wi-Fi, are you there?”’ When this happens, Snoopy hovers nearby and emits a signal masquerading as another network and the phone ‘thinks’ it is accessing a trusted Wi-Fi network. However, when it connects to the quadcopter’s network, Snoopy will intercept everything a smartphone sends and receives using a complicated method described by the company. Wilkinson said: ‘Your phone connects to me and then I can see all of your traffic.’ He is able to see the websites a person visits, any credit card information entered or saved, their location, usernames and passwords. In the wrong hands, this could potentially leave a mystified smartphone user out of pocket. The hackers managed to gain access by looking at a unique identification number known as a Media Access Control (MAC) address. This number matches web traffic to a specific device. To demonstrate the effectiveness of the technology, Wilkinson spent an hour with CNN showing them how he could obtain network names and GPS coordinates for 150 smartphones used by Londoners. While collecting metadata and network names is not strictly illegal, intercepting passwords and credit card details with the intent of using them is. The ethical hackers said they're demonstrating the technology to highlight how vulnerable smartphone users can be. The drones might seem even more threatening to people than remote hackers because the aircraft can hover close to potential ‘victims’ are incredibly mobile. There is a prospect that the technology could be put to good use for law enforcement purposes, however, such as identifying looters in a riot. While it is not thought that anyone is currently using this snooping technique in the real world, smartphone users can protect themselves by shutting off their Wi-Fi when they are not using it, or only access secure networks.
Hackers have proved that it is possible to steal information, including Amazon passwords, bank details and even home addresses from smartphones that have Wi-Fi turned on, using specially adapted drones (a stock image of a quadcopter is pictured)
The test was conducted in London and the group will share their findings at the Black Hat Asia cybersecurity conference in Singapore next week, CNN reported. The drone, known as Snoopy, seeks out smartphones that have Wi-Fi turned on. It then makes use of built-in technology which can see what networks the phones have accessed in the past. In theory, almost any drone could be adapted to do this. HOW CAN A DRONE STEAL SOMEONE'S IDENTITY? The drone, known as Snoopy, seeks out smartphones that have Wi-Fi turned on. It then makes use of built-in technology which can see what networks the phones have accessed in the past. In theory, almost any drone could be adapted to do this. Phones 'noisily' reach out to networks, according to the experts. Snoopy looks for this activity and when hovering nearby it emits a signal masquerading as another network. The phone ‘trusts’ that it is accessing a trusted Wi-Fi network but instead connects to the quadcopter's network. Snoopy can then intercept everything a smartphone sends and receives and allows skilled hackers to see passwords, bank details and the phone's location. . London-based Sensepost security researcher Glenn Wilkinson, said: ‘Their phone will very noisily be shouting out the name of every network its ever connected to. 'They'll be shouting out, “Starbucks, are you there?...McDonald's Free Wi-Fi, are you there?”’ When this happens, Snoopy hovers nearby and emits a signal masquerading as another network and the phone ‘thinks’ it is accessing a trusted Wi-Fi network. However, when it connects to the quadcopter’s network, Snoopy will intercept everything a smartphone sends and receives using a complicated method described by the company. Wilkinson said: ‘Your phone connects to me and then I can see all of your traffic.’ He is able to see the websites a person visits, any credit card information entered or saved, their location, usernames and passwords. In the wrong hands, this could potentially leave a mystified smartphone user out of pocket. The hackers managed to gain access by looking at a unique identification number known as a Media Access Control (MAC) address. This number matches web traffic to a specific device. To demonstrate the effectiveness of the technology, Wilkinson spent an hour with CNN showing them how he could obtain network names and GPS coordinates for 150 smartphones used by Londoners. While collecting metadata and network names is not strictly illegal, intercepting passwords and credit card details with the intent of using them is. The ethical hackers said they're demonstrating the technology to highlight how vulnerable smartphone users can be. The drones might seem even more threatening to people than remote hackers because the aircraft can hover close to potential ‘victims’ are incredibly mobile. There is a prospect that the technology could be put to good use for law enforcement purposes, however, such as identifying looters in a riot. While it is not thought that anyone is currently using this snooping technique in the real world, smartphone users can protect themselves by shutting off their Wi-Fi when they are not using it, or only access secure networks.
Friday, December 06, 2013
10 Ways to Protect Yourself Against Identity Theft
Protecting yourself against identity theft is always easier than having to clear your name and credit record after the fact. It can take a lot of your time and even some of your own money to clear your name if you are a victim. So, here are 10 things you can do to help protect yourself from becoming one of the 9.9 million victims of identity theft.
#1. Guard your social security number, PINs, passwords and account numbers. Are you walking around with your social security card in your wallet, on your checks and maybe even on your driver’s license? Do you have all your passwords and account numbers written out and shoved in your wallet or purse? If you do, you could make it really easy for a thief to open accounts in your name. Only give out your social security number when absolutely necessary, generally for tax purposes or when applying for credit. For job applications, driver’s license and school identification, your social security number is not usually required. When asked for your Social Security Number for things like driver’s licenses or student IDs, first ask if it is possible to not have it printed on these items. If that isn’t possible then find out how your information will be used and what measures will be taken to protect it..
#2. Monitor bank statements and credit card statements. Make sure you’re looking at your bank and credit card statements regularly, checking for any suspicious activity, such as withdrawals or purchases you didn’t make. If you don’t receive paper statements, make sure you are using online banking to check your statements often. The more frequently you are checking your accounts, the quicker you would catch the theft and contain the possible damage. .
#3. Shred documents. You should shred anything that has personal information on it, like past account statements and any of those pre-approved credit card offers that don’t interest you. You might also consider calling 1-888-5-OptOut or visiting www.optoutprescreen.com to be removed from any future mailing lists for those types of offers. Just know that there might be some good offers out there that you might miss out on. .
Click on the thumbnail to view full-size. Secure Site Example #4. Make sure websites are secure. Whether you’re shopping, banking or paying bills, you need to make sure that the information you share online is secure and won’t be shared with anyone else. Anytime you are about to share personal information, such as your Social Security number, credit card information or bank account number, make sure the site is secure by looking for two things: a yellow lock in the lower right-hand corner of your browser and the “s” on the end of http: in the URL line of your browser. If you don’t see these, find someplace else to shop. .
#5. Be cautious when sharing computers. If you share a computer with a roommate, or use a computer at a library or computer lab, make sure you clear all cookies when you are finished using the computer and always make sure you log out and delete your log in from the computer’s memory. .
#6. Guard your laptop, cell phone, PDA and other technology against theft. Laptops, cell phones and PDAs are hot targets for thieves, so make sure you keep close watch on these items and use strong passwords with a combination of upper and lower case letters, numbers and symbols to protect your data. #7. Keep copies of cards and documents. It’s a good idea to keep a copy of all your identification and credit cards, as well as other important documents, in case they are stolen. This is especially helpful if one or more of your credit cards goes missing because you’ll have the 1-800 numbers and account numbers so you’ll easily be able to call the credit card company and cancel your card. .
#8. Treat mail with care. Always deposit any outgoing mail containing personally identifying information in a post office collection box or at the post office, rather than in an unsecured mailbox. And make sure you get your mail every day. You might consider contacting your bank, credit card provider and other companies that send you bills to switch to paperless billing. If you're planning to be away from home and have no one that can pick up your mail for you, contact the U.S. Postal Service to request a vacation hold. The USPS will hold your mail at your local post office until you can pick it up or can begin receiving it again. .
#9. Avoid phishing scams. Never give out your personal information on the phone, through the mail or via the Internet unless you are sure you know who you're dealing with. Identity thieves may pose as representatives of banks, Internet service providers (ISPs), or government agencies to get you to reveal your Social Security number, account numbers and other identifying information. .
#10. Be cautious when using the ATM. If you’re using a walk-up ATM, a gas pump, a grocery store card swipe machine or any other public debit or credit machine, make sure to keep an eye on the people around you to ensure they’re not “shoulder surfing,” or watching you as you enter in your PIN. Also make sure you take any receipts with you when you are finished with your transaction. Be on the lookout for any unusual equipment on the ATM to ensure a skimming device has not been attached. Another good tip is to cover the keyboard while entering your PIN so that it cannot be recorded by a hidden camera or seen by someone close by.
#1. Guard your social security number, PINs, passwords and account numbers. Are you walking around with your social security card in your wallet, on your checks and maybe even on your driver’s license? Do you have all your passwords and account numbers written out and shoved in your wallet or purse? If you do, you could make it really easy for a thief to open accounts in your name. Only give out your social security number when absolutely necessary, generally for tax purposes or when applying for credit. For job applications, driver’s license and school identification, your social security number is not usually required. When asked for your Social Security Number for things like driver’s licenses or student IDs, first ask if it is possible to not have it printed on these items. If that isn’t possible then find out how your information will be used and what measures will be taken to protect it..
#2. Monitor bank statements and credit card statements. Make sure you’re looking at your bank and credit card statements regularly, checking for any suspicious activity, such as withdrawals or purchases you didn’t make. If you don’t receive paper statements, make sure you are using online banking to check your statements often. The more frequently you are checking your accounts, the quicker you would catch the theft and contain the possible damage. .
#3. Shred documents. You should shred anything that has personal information on it, like past account statements and any of those pre-approved credit card offers that don’t interest you. You might also consider calling 1-888-5-OptOut or visiting www.optoutprescreen.com to be removed from any future mailing lists for those types of offers. Just know that there might be some good offers out there that you might miss out on. .
Click on the thumbnail to view full-size. Secure Site Example #4. Make sure websites are secure. Whether you’re shopping, banking or paying bills, you need to make sure that the information you share online is secure and won’t be shared with anyone else. Anytime you are about to share personal information, such as your Social Security number, credit card information or bank account number, make sure the site is secure by looking for two things: a yellow lock in the lower right-hand corner of your browser and the “s” on the end of http: in the URL line of your browser. If you don’t see these, find someplace else to shop. .
#5. Be cautious when sharing computers. If you share a computer with a roommate, or use a computer at a library or computer lab, make sure you clear all cookies when you are finished using the computer and always make sure you log out and delete your log in from the computer’s memory. .
#6. Guard your laptop, cell phone, PDA and other technology against theft. Laptops, cell phones and PDAs are hot targets for thieves, so make sure you keep close watch on these items and use strong passwords with a combination of upper and lower case letters, numbers and symbols to protect your data. #7. Keep copies of cards and documents. It’s a good idea to keep a copy of all your identification and credit cards, as well as other important documents, in case they are stolen. This is especially helpful if one or more of your credit cards goes missing because you’ll have the 1-800 numbers and account numbers so you’ll easily be able to call the credit card company and cancel your card. .
#8. Treat mail with care. Always deposit any outgoing mail containing personally identifying information in a post office collection box or at the post office, rather than in an unsecured mailbox. And make sure you get your mail every day. You might consider contacting your bank, credit card provider and other companies that send you bills to switch to paperless billing. If you're planning to be away from home and have no one that can pick up your mail for you, contact the U.S. Postal Service to request a vacation hold. The USPS will hold your mail at your local post office until you can pick it up or can begin receiving it again. .
#9. Avoid phishing scams. Never give out your personal information on the phone, through the mail or via the Internet unless you are sure you know who you're dealing with. Identity thieves may pose as representatives of banks, Internet service providers (ISPs), or government agencies to get you to reveal your Social Security number, account numbers and other identifying information. .
#10. Be cautious when using the ATM. If you’re using a walk-up ATM, a gas pump, a grocery store card swipe machine or any other public debit or credit machine, make sure to keep an eye on the people around you to ensure they’re not “shoulder surfing,” or watching you as you enter in your PIN. Also make sure you take any receipts with you when you are finished with your transaction. Be on the lookout for any unusual equipment on the ATM to ensure a skimming device has not been attached. Another good tip is to cover the keyboard while entering your PIN so that it cannot be recorded by a hidden camera or seen by someone close by.
Monday, October 08, 2012
Skimmers May Use Smartphones To Steal Credit Card Information
) – The increasingly popular radio frequency identification (RFID) credit cards that allow consumers to pay by tapping may be making it easier for crooks to steal valuable information with their smartphones.
By tapping machines equipped with radio frequency readers, people can conveniently pay with RFID credit and debit cards without having to enter PIN numbers.
According to the owner of Identity Stronghold, Walt Augustinowicz, credit card skimmers made up of about $100 worth of parts easily obtained online can steal enough information to clone credit cards.
Similarly, tech-savvy scammers can also use their smartphones to steal information with just a simple tap.
As Augustinowicz demonstrated, a hacker can develop a smartphone app or game that looks harmless, but when it gets close enough to an RFID card, the app launches and scans the card’s information and sends the details off to the hacker’s email address.
Augustinowicz said that if hackers are talented enough, they can develop RFID information-stealing apps and games that many may mistake as something benign and download them.
“Hundreds of people start downloading it, and they just sit back and watch their email box fill up with credit card numbers they can use,” he said.
Not all smartphones are at risk for these virus-like apps and games, though. Only phones with near field communication like Google Wallet Android technology that allows for pay by tapping have the safety dangers.
pay by tapping have the safety dangers.
However, as pay-by-tapping technology becomes more widely used, security expert, Eddie Schwartz, said RFID software will become an industry standard.
“It’s a good thing that people are pointing out these vulnerabilities. It forced us as an industry to be more vigilant and to take the necessary steps to protect our assets,” he said.
To protect your information, Augustinowicz recommends buying a protective case or wrapping cards in tin foil to block RFID signals.
Thursday, April 22, 2010
Special Alert
Hi Everyone,
It's the time of year where everyone is starting to get outside and travel a lot more which canleave you open to this scam which has been reportedly spreading quickly .
ATM Users Warned About Credit Card Skimmers
April 22, 2010 02:04 PM
(Washington Post) — Cases of a hard-to-detect form of credit card fraud are showing up more frequently in the Washington region, police say, including a recent case in Rockville, where a skimming device that reads encrypted credit card data was found in a Wachovia bank branch ATM. A credit card skimmer is a device that uses a card scanner and camera to capture credit card information. The skimmer is placed over the card slot reader and reads the magnetic swipe, while a hidden miniature camera in the device works in tandem to record the personal identification number
More on Credit Card Scimmers
It's the time of year where everyone is starting to get outside and travel a lot more which canleave you open to this scam which has been reportedly spreading quickly .
ATM Users Warned About Credit Card Skimmers
April 22, 2010 02:04 PM
(Washington Post) — Cases of a hard-to-detect form of credit card fraud are showing up more frequently in the Washington region, police say, including a recent case in Rockville, where a skimming device that reads encrypted credit card data was found in a Wachovia bank branch ATM. A credit card skimmer is a device that uses a card scanner and camera to capture credit card information. The skimmer is placed over the card slot reader and reads the magnetic swipe, while a hidden miniature camera in the device works in tandem to record the personal identification number
More on Credit Card Scimmers
Subscribe to:
Posts (Atom)
