December 26th, 2013
How to “TARGET” 40 million credit and debit cards with a Target Breach
The large retail chain Target (USA) announced last week that about 40 million credit and debit cards may have been affected in a Target data breach from Nov. 27 to Dec. 15. Stolen information related to Target store cards and major credit cards, The Associated Press reported.
This breach was for in-store purchases not online according to Target.
This leads me to the reason for this post today.
Now you may or may not have been affected by this breach, but what is about to happen to the US credit cards & debit cards over the next 2 years you should be aware of.
The US plans to have all credit cards issued with the chip by 2015, many if not all as we have here in Australia will be RFID enabled.
The global roll-out of RFID (radio frequency identification) technologies used in the ‘Tap&Go’ credit cards or ePassports increases the chance of your personal data getting skimmed will be even greater.
The frightening thing is you will be not aware of it as no contact is needed to skim you nor will it be a breach of millions of credit cards, it will be yours and you will not find out until it’s too late.
As mentioned in the video, even with this know widespread breach the hassle at the very least to you as a cardholder is very real and could take some time to try and rectify the issues it has created for you.
I thought ‘chip’ or EMV cards are safer?
The financial institutions & card issuing companies tell us they are more secure than the mag stripe, which in many ways they may be, however, they have replaced one vulnerable technology with another. (yes a mag stripe card can be copied, but the criminal has to actually have the card in their possession to clone it even if for just a few seconds it takes to swipe the mag stripe, with the new RFID, enabled cards the criminal can electronically skim your card data without you ever knowing it)
This opens up an entirely new security issue as RFID enabled cards just by the nature of the technology are always open to transmitting your personal data over open airwaves & that means anyone & I mean anyone can skim it. In-fact many smartphones now come with NFC (near field communication) technology-enabled, which means they can in effect be used to skim your cards easy, just do a search in the google play store for credit card skimming apps and there are FREE ones to download.
Although NFC means you have to me ‘Nearer’ the mark (person your skimming) that usually is not an issue, think being in a shopping mall on an escalator in close proximity to others, bang a perfect way to use your NFC phone to skim the person wallet in there back pocket. Pretty scary when you think of how many smartphones are out there & how now not even harden ID thieves but opportunistic persons could skim your data that easy.
Now back to RFID technology (which allows you skim from a greater distance) you can buy a RFID off say eBay or Amazon for under $100, then its pretty easy to find a way to dial up the power on the reader and antenna strength (just google search how to do it) and now you can skim people from further away & if they are using ‘passive’ protection lets say like an RFID wallet or wrapping your credit cards in sleeves they can often still be penetrated by these hi powered reader (at the best they may limit the distance you get skimmed but you still could be skimmed)
The best defence is active defence.
1. Don’t just believe it will never happen to you
2. Don’t just blindly believe the institutions who issue these cards have your security interests in the best interest.
3. The time has come for you to be responsible for protecting your personal data, clearly, these breaches and the new wave of electronic skimming shows you that your personal data needs to be protected by you first. Gone are the days of working to have your data public when needed (PR) now you have to work to keep your personal data private.
It starts with ARMOURCARD the #1 Active RFID & NFC Protective device.
December 17th, 2013
Debunking Identity Theft Myths – A guide to opening your eyes!
Really interesting article written by Neal O’Farrell from Identity Theft Council Blog that answers some of the common myths surrounding iD theft. Well done Neal & the IDTC.
Identity Theft Myth #1
- IDENTITY THEFT IS MORE HYPE THAN REAL
Identity theft may be the single greatest crime epidemic in the history of America. According to research firm Javelin Strategy and Research, identity theft claimed an average of more than a million victims a month in 2012. The Department of Justice recently put the total number of victims at more than 16 million last year.
That means there were more victims of identity theft last year that there were burglaries, attempted burglaries, assaults, robberies, arsons, vehicles thefts, purse snatchings, pickpocketings, check fraud, and shoplifting combined.
Identity Theft Myth #2
- IDENTITY THEFT VICTIMS ARE NOT REALLY VICTIMS BECAUSE THEY GET THEIR MONEY BACK, SO IT’S NO BIG DEAL
The biggest cost for victims of identity theft is the long-term emotional harm. If a thief has your Social Security Number, or a grudge, as a victim you can be fighting for your identity for years. Victims often talk about the emotional harm being the worst the worry, the harm to their credit, their lack of trust, their feelings of betrayal, wondering when the next shoe will drop, if it will impact their credit worthiness, their job, etc.
Identity Theft Myth #3
- ZERO LIABILITY MEANS I HAVE NOTHING TO LOSE EVEN IF I AM A VICTIM
If you lose a small amount, say a few hundred dollars, your bank, credit union, or credit card companies is likely to reimburse you. But if it’s more than that, or you can?t explain how the money was removed from your bank account, banks will often either deny your claim outright or tell you they will need to launch an investigation which can take months.
And you may be in even bigger trouble if your debit card is copied through skimming. The thieves will have your card and pin, without your knowledge, and banks will often us that as an excuse to blame you, the victim.
Identity Theft Myth #4
- I FROZE MY CREDIT SO MY IDENTITY IS SAFE.
A freeze is helpful but only protects against new account creation. It doesn’t?t stop a thief misusing an existing account or credit card, prevent skimming, emptying a bank account, check fraud, using your identity to file fraudulent tax refunds, Social Security fraud, employment fraud and many other types of identity theft. And in a troubling trend, identity thieves are turning to payday lenders as a way to get around freezes, fraud alerts, and monitoring, because payday lenders often don’t run credit checks.
Identity Theft Myth #5
- I SHOULD BE MORE WORRIED ABOUT MORE COMMON CRIMES LIKE BURGLARY, PURSE SNATCHINGS AND PICK POCKETS
You are 6 more times more likely to be a victim of identity theft than burglary, and 500 times more likely to be a victim of identity theft than purse snatching.
Identity Theft Myth #6
- I CAN JUST GET A POLICE REPORT TO PROVE I’M A VICTIM.
A police report is vital if you need to defend yourself against claims from debt collectors or victimized businesses. But they’re not always easy to get, in spite of the fact the victims are entitled by Federal law to a police report.
Common excuses victims receive when they try to file a police report are: You need to file the report in the jurisdiction where the crime was committed and you’ll need hard evidence before a police report can be filed. Neither is true but you may still have to be patient when trying to get a police report.
Identity Theft Myth #7
- I TEND TO SHOP ON SMALL BUSINESS WEBSITES BECAUSE THEY’RE TOO SMALL FOR HACKERS.
Most security experts believe that small businesses are now the number one target for hackers, mainly because of lax security. Web security firm SiteLock reports finding up to 5,000 new small business websites every single day that has already been comprised with malware waiting to infect visitors and shoppers.
Identity Theft Myth #8
- I USUALLY USE A DEBIT CARD BECAUSE IT’S MUCH SAFER.
A credit card is a much safer bet than a debit card. A debit card connects directly to your bank account. If it?s compromised, the thief is stealing your money. If your credit card is compromised, the thief is stealing the bank?s money. Which would you prefer?
Identity Theft Myth #9
- I HAVE GOOD ANTIVIRUS SOFTWARE THAT?S ALWAYS UPDATED, SO I DON’T HAVE TO WORRY ABOUT CYBER THREATS.
Antivirus software is very important but it’s only one layer of protection. A study by the University of Alabama found that most of the popular antivirus programs in use today only catch about 25% of malware. A test in December 2013 by security firm OPSWAT found that out of 44 of the most popular antivirus products on the market, only one could detect a keylogger.
Identity Theft Myth #10
- I GUARD MY PERSONAL DATA BETTER THAN FORT KNOX ?
It’s not you, it’s them. No matter how well you guard your personal information, others will betray you. For example, there has been an average of one reported data breach in the U.S. every single day for the last five years, exposing more than 500 million personal records. Up to 80% of those records may have included Social Security Numbers. Could yours have been one of them?
[divider style=”single” border=”small” color=”#e2e2e2″]
December 5th, 2013
Credit Card Offers – Does Tap and Go really encourage criminals?
Armourcard was asked to be featured in an article on the website Credit Card Offers following up from the Victorian Police concerns over the roll-out of ‘contact-less’ cards & payment terminals in the last week. Making it even easier for opportunistic criminals to skim your credit card details or even worse your personal identity details. Armourcard is featured as the only ‘Active’ solution to this growing problem. Within the article, they show a demonstration of how AC works in jamming out the unwanted RFID signals and how AC protects your credits within its proximity forcefield.